Officials at Methodist Hospital, based in Henderson, Kentucky, announced that their computer system is back “up and running” following a cyber attack last Friday, according to NBC 14 News.
Methodist Hospital had posted a message on its website on Friday stating that it is currently working in an internal state of emergency due to a computer virus that limited the use of its electronic web-based services.
“We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications,” the message stated.
In the NBC 14 News story published Monday afternoon, the news station quoted hospital officials stating that the hack was the result of ransomware that made it through the hospital’s email filter. “Methodist Hospital officials say they did not pay the ransom and they tell us no patient data or records have been compromised. The investigation is ongoing,” NBC 14 News reported.
In a story published Friday, NBC 14 News reported that the Federal Bureau of Investigation was investigating a cybersecurity breach at the hospital. “Officials at Methodist Hospital say this hack is ransomware in action. Hackers have locked patients’ files and they’re demanding money to regain access to them,” the news station reported.
And, the NBC 14 News article quoted Methodist Hospital Chief Operating Officer David Park as stating that the hackers have copied patients’ files, locked those copies and deleted the original files.
On Friday, the news station reported, “In a release, hospital officials say they want to reassure patients their information is secure. They say, they activated a back-up system while the main network was locked down. The hospital has been able to run smoothly without interrupting daily operations.”
Methodist Hospital officials also said on Friday that their information systems department responded quickly to prevent the virus from spreading.
The “internal state of emergency” message on the hospital’s website links to the healthcare organization’s digital disaster response system. That site stated, “This site if for web-enabled communications during emergency events. During an actual incident the disaster action plan or important directives will appear on this page. Though this site is for emergency responders, public information links are available on the left of this page.”
Get the latest information on Cyber-Security, and attend other valuable sessions at this two-day, intimate event bringing together C-level, physician, practice management and IT decision makers for strategy discussions, knowledge exchange, and one-on-one meetings.