Cyberattack Forces Memorial Health System to Move Patients to Alternative Hospitals

Memorial Health System located in Marietta, OH was pressured to redirect emergency care because of an alleged ransomware attack.

When the cyberattack happened, the health network was compelled to de-activate IT systems to restrict the attack. Emergency practices were executed as a result of the insufficiency of access to critical IT systems, and the staff members are utilizing paper records.

Memorial Health System manages three hospitals in West Virginia And Ohio, all of them were impacted by the cyberattack. Considering that electronic health records cannot be accessed, patient safety was likely put at stake, and so the option was taken to transfer emergency patients.

Memorial Health System will go on to allow: patients with STROKE, TRAUMA, and STEMI at Marietta Memorial Hospital. Selby And Belpre are on diversion for all patients because of the accessibility of radiology. It’s best for all other patients to be brought to the nearby available center. When all local hospitals are on diversion, patients are going to be transferred to the emergency unit nearest to where the emergency took place. This diversion will be continuing until IT systems are recovered.

All urgent surgical consultations and radiology tests the following day were re-scheduled; nonetheless, all primary care visits are moving ahead as appointed, even though patients with schedules were instructed to call up beforehand to confirm.

Memorial Health System President and CEO Scott Cantley explained that keeping the safety and protection of patients and their health care is the provider’s major concern and they are doing all that is needed to lessen interruption. Employees at the Selby, Sistersville General, and Marietta Memorial Hospital are using paper records as systems are repaired, and data restored.

The hospital system started an inquiry into the breach, nevertheless, it is way too early to find out how much data, if any, were affected in the attack. Memorial Health System officers mentioned they were no evidence found yet that shows the attackers acquired worker or patient information. IT experts are already carefully looking into the breach to know specifically how hackers acquired access to its networks, the steps they took when access was obtained, and which databases and files they accessed or obtained.

The cyberattack report was sent to the Department Of Homeland Security and the FBI, and the health system is working closely with its IT associates to recover its systems and data immediately.

Bleeping Computer has supposedly seen information indicating the Hive ransomware threat group was liable for the attack. Like a number of other ransomware operations, the Hive ransomware gang is well-known for stealing information before employing ransomware and has a leak website that is employed to force victims into paying out the ransom.

Bleeping Computer states proof was acquired indicating databases comprising the protected health information (PHI) of close to 200,000 patients were compromised during the attack, as the databases contained names, Social Security numbers, and birth dates.