Ardent Health Services disclosed that it took its network offline following the cyberattack on November 23, suspending user access to vital information technology applications, including those used for documenting patient care.
A ransomware attack has compelled Ardent Health Services, a healthcare chain operating 30 hospitals across six states, to reroute patients from certain emergency rooms to alternative hospitals and delay elective procedures
By Tuesday afternoon, over half of Ardent’s 25 emergency rooms had partially resumed services, either accepting patients by ambulance or fully lifting their “divert” status, a term used when hospitals redirect emergency cases to nearby facilities. Ardent spokesperson Will Roberts emphasized that hospitals across the country have historically employed divert status during flu seasons, COVID-19 spikes, natural disasters, and significant trauma events.
The Nashville-based healthcare provider, which operates in states such as Oklahoma, Texas, New Jersey, New Mexico, Idaho, and Kansas, is still assessing the extent of compromised patient health and financial information. Ardent has reported the incident to law enforcement, engaged third-party forensic and threat intelligence advisers, and collaborated with cybersecurity experts to restore IT functions promptly. The company has not provided a definitive timeline for resolving the issues.
Patients nationwide are grappling with the aftermath of a ransomware attack. William Spell in Amarillo, Texas, reported difficulty scheduling a doctor’s appointment through an online portal due to the cyberattack, leaving him and his mother seeking alternative options for their flu-like symptoms. BSA Health System, the umbrella provider for Spell’s clinic and other facilities, is working to restore its patient portal and video doctor visit system.
Ardent asserts that each hospital still provides medical screenings and stabilizing care for patients arriving at emergency rooms
However, hospitals within Ardent’s Lovelace Health System in Albuquerque, New Mexico, and the University of Kansas Health System-St. Francis in Topeka, Kansas, has resorted to diverting some emergency cases to other facilities and rescheduling non-urgent surgeries.
A ransomware attack on Ardent Health is emblematic of a growing trend, with a ransomware attack incidents becoming increasingly common, according to cybersecurity analysts. While some ransomware groups refrain from targeting hospitals, the number of those willing to do so is on the rise. Analyst Allan Liska at Recorded Future highlighted the severity of the situation, noting that even when healthcare providers resist paying ransoms, attackers may still sell patient data, causing widespread repercussions within the affected hospitals and their surrounding areas.