Alabama health system forced to limit hospital services after ransomware attack

ransomware
Alabama-based hospital system DCH says hackers have limited the organization's ability to use its computer systems for an "as-yet-unknown" payment. (Nawadoln/GettyImages)

Alabama-based DCH Health System has been forced to limit hospital services to only "the most critical new patients" after it was hit with a ransomware attack.

The health system, which operates hospitals in Tuscaloosa, Fayette and Northport, detected ransomware that affected its systems Oct. 1, the organization said in an updated statement posted to its website Wednesday.

Officials said the health system immediately implemented emergency procedures to continue providing safe care in the event technology dependent on computers was not available.

Webinar

How Providers Can Leverage Technology to Accelerate Business Recovery

Join us for this webinar on July 14th at 1pm ET / 10am PT to hear how organizations are responding to the COVID-19 crisis, re-engaging patients with postponed elective services, and utilizing contact tracing to support the health and wellbeing of their communities.

"That said, we feel it is in the best interest of patient safety that DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center are closed to all but the most critical new patients. Our staff is caring for the patients who are currently in the hospital, and we have no plans to transfer current patients," the health system said.

RELATED: Wyoming health system hit with ransomware attack, diverts ER patients and cancels services

Wyoming health system Campbell County Health (CCH) continues to struggle to get its computer systems back online after being hit with a ransomware attack Sept. 20.

The ransomware affected all 1,500 of the organization’s computers, including its email server. "CCH continues working hard to restore our computer systems so we can resume normal operations," health system officials said in an updated statement posted online Wednesday. "We understand the response to these attacks can be frustrating for everyone in the community, but we have to be methodical in our response, to ensure no remnants of the malware remain on the system."

DCH is notifying patients with nonemergency medical needs to seek assistance from other providers while the hospital system works to restore its systems. Some outpatient procedures are still being conducted at DCH's hospitals.

According to local news source AL.com, the hospital system posted a statement on its website Tuesday about the ransomware attack and said a criminal is limiting the hospitals' ability to use its computer systems in exchange for an "as-yet-unknown payment."

RELATED: Moody's: Cyberattacks could cause significant financial disruption for hospitals

Tim Erlin, vice president of product management and strategy at cybersecurity firm Tripwire, said ongoing ransomware attacks highlight the need for hospitals and health systems to prioritize robust cybersecurity best practices.

“By the time you’re infected with ransomware, it’s too late. But we’re not likely to see news stories about a ransomware attack being successfully prevented either. The reality is that ransomware doesn’t just appear on a system. It has to get there through some other means, whether that’s phishing, a vulnerable system or a combination of those, the key to preventing ransomware infections is to close off the avenues for infection," Erlin said.

“Hospitals have made great strides in reducing infections with basic hygiene, and the same principle applies to cybersecurity. Basic cyber hygiene is key for preventing ransomware infections," he said.

Suggested Articles

Enrollment in the ACA's exchanges could increase by more than one million due to massive job losses caused by the COVID-19 pandemic.

Tenet Healthcare Corp. will pay $72.3 million to settle a whistleblower lawsuit involving alleged kickbacks to surgeons at an Oklahoma City hospital.

Telehealth startups continue to flourish. Case in point: Doctor on Demand raised $75 million in series D financing led by General Atlantic.