Ransomware attack disrupts operations at Ardent Health Services
Ardent proactively took its network offline, suspending user access to its IT applications, including corporate servers and Epic software.
Photo: Diego Cervo/Getty Images
Ardent Health Services has been hit with a ransomware attack that has disrupted some of its clinical and financial operations, the Tennessee-based health system reported.
Ardent said it took its network offline proactively, and suspended all access to its information technology applications, including corporate servers, Epic software, internet and clinical programs.
Ardent Health Services operates 30 hospitals in six states, including in Texas, Oklahoma and New Mexico.
The information technology cybersecurity incident was discovered on the morning of Thursday, November 23 and was determined to be a ransomware attack.
At this time, Ardent said it could not confirm the extent of any patient health or financial data that has been compromised.
No one at the health system could be immediately reached for comment.
WHY THIS MATTERS
The incident has resulted in a temporary disruption to certain aspects of Ardent's clinical and financial operations, the health system said. Patient care continued to be delivered in its hospitals, emergency rooms and clinics.
In an abundance of caution, Ardent rescheduled some non-emergent, elective procedures and diverted some emergency room patients to other area hospitals until systems are back online.
Ardent said its technology team has been working to understand the event, safeguard data and regain functionality. It has reported this event to law enforcement and retained third-party forensic and threat intelligence advisors.
In addition to electronic protection procedures already in place, Ardent has also implemented additional information technology security protocols and is working with specialist cybersecurity partners to restore its information technology operations and capabilities as quickly as possible.
The investigation and restoration of access to electronic medical records and other clinical systems is ongoing. Ardent is still determining the full impact of this event, and it is too soon to know how long the process will take or what data may be involved in this incident.
THE LARGER TREND
Health systems and hospitals are the frequent targets of data breaches.
Healthcare suffers the largest financial hit, according to data published in July by the Ponemon Institute.
This year, the average cost of a data breach reached an all-time high of $4.4 million, a 2.3% increase from 2022.
Warren General Hospital in Pennsylvania recently reported a data breach affecting roughly 169,000 patients.
Twitter: @SusanJMorse
Email the writer: SMorse@himss.org