Ascension St. John ransomware attack update five days later | #ransomware | #cybercrime

A ransomware attack is still affecting Ascension St. John after the cybersecurity issue was first reported by the health care system Wednesday, with the midtown Tulsa hospital’s emergency room remaining on divert status.

Ascension St. John officials posted an updated statement Saturday, reporting they had connected with the FBI and other federal agencies about the cybersecurity incident involving ransomware.

“We remain in close contact with the FBI and CISA, and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center so that our industry partners and peers can take steps to protect themselves from similar incidents,” the statement reads. “While our restoration work continues in earnest, our focus is on restoring systems as safely as possible. While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites.”

People are also reading…

A spokeswoman at Ascension St. John in Tulsa said Monday she would be unable to provide anything beyond that statement. An EMSA spokesman on Monday confirmed ambulances are still receiving guidance to divert patients to other hospitals.

Casey Zandbergen contacted the Tulsa World about his experience taking an elderly family member to the Ascension St. John ER twice last week. 

“We got to experience St. John pre-crash and then post-crash,” he said. “It was not the same thing. It was like two completely different hospitals.”

Zandbergen said they arrived at the ER early Wednesday before the computer system outage began. Because it was clear his elderly relative was in need of immediate care, they spent almost no time in triage. But once they were in an ER room with a care team, the problems began.

“At first they thought the Wi-Fi was down,” Zandbergen said. “And then I actually heard one of the nurses say ‘Did we get hacked?'”

Having worked in the IT industry for 25 years, Zandbergen said he’s familiar with cybersecurity because of his job. When the computer outage was first apparent, he said he thought it would be a problem, but “These are doctors and nurses, they know what to do. They’re gonna be able to figure this out.”

But then imaging systems went offline. His relative was moved to the ICU, but her records didn’t. Zandbergen was initially able to pull up the records through Ascension’s online patient portal, but that, too, went down. 

“One of the nurses said ‘This is wild.’ None of them — there was no process in place other than ‘Do your job and try to figure out how to keep this person alive.'”

Zandbergen’s relative was transferred again, this time to the cardiac unit. They waited 24 hours and never saw a doctor. The electronic handoff between physicians in different departments didn’t happen, he said, so nurses just started paging doctors until someone came to take on the case.

Feeling frustrated, Zandbergen said his conversation with a charge nurse was when “things got really interesting.” 

“She said when that (corporate) statement came out, she had three nurses in tears because they knew they were not able to provide the patients the care they needed. She went on to say that morning (Friday), when she came on shift, that she was charting on wallpaper while a patient was coding because they didn’t have any charting system in place and she basically had to invent one in the past 24 hours.”

When he first reached out to talk to Tulsa World about his concerns, Zandbergen said he felt it’s clear the backup system isn’t working like what was implied in Ascension’s statement. He said before reams of copy paper showed up, he saw some health care providers taking notes on paper towels.

“It was a mess. Just an absolute joke,” he said Monday. “Things went off the rails, and it was ridiculous.”

In addition to concerns about patient care, Zandbergen said, we should be concerned about those who are trying to take care of the patients without appropriate backup systems in place.

“This is impacting them, as well, because they’re just trying to do a job,” he said, “but their job has been automated to a point where if that automation goes away, they can’t do that job anymore.”

Tulsa World is where your story lives

The Tulsa World newsroom is committed to covering this community with curiosity, tenacity and depth. Our passion for telling the story of Tulsa remains unwavering. Because your story is our story. Thank you to our subscribers who support local journalism. Join them with limited-time offers at

Source link


National Cyber Security