(844) 627-8267
(844) 627-8267

Ascension St. John ransomware attack update five days later | #ransomware | #cybercrime

Update (May 17): The emergency room at Ascension St. John in Tulsa is no longer on divert status.

A ransomware attack is still affecting Ascension St. John after the cybersecurity issue was first reported by the health care system Wednesday, with the midtown Tulsa hospital’s emergency room remaining on divert status.

Ascension St. John officials posted an updated statement Saturday, reporting that they had contacted the FBI and other federal agencies about the cybersecurity incident involving ransomware.

“We remain in close contact with the FBI and CISA (the Cybersecurity and Infrastructure Security Agency), and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center so that our industry partners and peers can take steps to protect themselves from similar incidents,” the statement reads.

People are also reading…

“While our restoration work continues in earnest, our focus is on restoring systems as safely as possible. While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites.”

A spokeswoman at Ascension St. John in Tulsa said Monday that she was unable to provide any information beyond that statement.

An EMSA spokesman confirmed on Monday that ambulances are still receiving guidance to divert patients to other hospitals.

“Some non-emergent elective procedures, tests and appointments have been temporarily paused while we work to bring systems back online,” Ascension said.

Casey Zandbergen contacted the Tulsa World about his experience taking an elderly family member to the Ascension St. John ER twice last week.

“We got to experience St. John pre-crash and then post-crash,” he said. “It was not the same thing. It was like two completely different hospitals.”

Zandbergen said they arrived at the ER early Wednesday before the computer system outage began. Because it was clear that his elderly relative was in need of immediate care, they spent almost no time in triage. But once they were in an ER room with a care team, the problems began.

“At first they thought the Wi-Fi was down,” Zandbergen said. “And then I actually heard one of the nurses say, ‘Did we get hacked?’”

Having worked in the IT industry for 25 years, Zandbergen said he’s familiar with cybersecurity. When the computer outage was first apparent, he said he thought it would be a problem, but “these are doctors and nurses; they know what to do. They’re gonna be able to figure this out.”

But then imaging systems went offline. His relative was moved to the ICU, but her records didn’t follow. Zandbergen initially was able to pull up the records through Ascension’s online patient portal, but that, too, went down.

“One of the nurses said, ‘This is wild.’ None of them — there was no process in place other than ‘do your job and try to figure out how to keep this person alive.’”

Zandbergen’s relative was transferred again, this time to the Cardiac Unit. They waited 24 hours and never saw a doctor. The electronic handoff between physicians in different departments didn’t happen, he said, so nurses started paging doctors until someone came to take on the case.

Feeling frustrated, Zandbergen said his conversation with a charge nurse was when “things got really interesting.”

“She said when that (corporate) statement came out, she had three nurses in tears because they knew they were not able to provide the patients the care they needed. She went on to say that morning (Friday), when she came on shift, that she was charting on wallpaper while a patient was coding because they didn’t have any charting system in place and she basically had to invent one in the past 24 hours.”

When he first reached out to talk to the Tulsa World about his concerns, Zandbergen said he felt it was clear that the backup system wasn’t working like what was implied in Ascension’s statement. He said that before reams of copy paper showed up, he saw some health care providers taking notes on paper towels.

“It was a mess. Just an absolute joke,” he said Monday. “Things went off the rails, and it was ridiculous.”

In addition to concerns about patient care, Zandbergen said, we should be concerned about those who are trying to take care of the patients without appropriate backup systems in place.

“This is impacting them, as well, because they’re just trying to do a job,” he said, “but their job has been automated to a point where if that automation goes away, they can’t do that job anymore.”

The Tulsa World is where your story lives.

The Tulsa World newsroom is committed to covering this community with curiosity, tenacity and depth. Our passion for telling the story of Tulsa remains unwavering. Because your story is our story. Thank you to our subscribers who support local journalism. Join them with limited-time offers at tulsaworld.com/story.

Source link


National Cyber Security