Prospect ransomware attack still affecting services in CT | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Two Connecticut hospital systems run by Prospect Medical Holdings still reported disruptions on Monday, more than a week since the health care company reported it had been the target of a ransomware cyberattack.

Prospect owns Waterbury Health, which operates Waterbury Hospital, as well as Eastern Connecticut Health Network or ECHN, which runs Manchester Memorial Hospital and Rockville General Hospital in Vernon.

The California-based health care company also owns hospitals in Rhode Island, Pennsylvania and California.

A banner on Prospect’s website still states the company and all of its medical facilities are “experiencing a systemwide outage.”

“We are working to resolve the issue as soon as possible and regret any inconvenience,” the message stated. 

ECHN’s website stated as of Monday weekday outpatient medical imaging, Evergreen and Tolland Imaging, the Women’s Center and outpatient blood drawing are closed “until further notice.” 

The hospital system now includes a list of temporary phone numbers so patients can contact their medical providers.

Waterbury Health said in an update that its computer systems “continue to be down throughout the network.”

“We are following downtime procedures, including the use of paper records,” the hospital system said. “The outage continues to affect some of our outpatient services, mostly diagnostic imaging and blood draw and some patient appointments. We have contacted and will continue to contact any affected patients.”

The FBI said it’s investigating the Prospect cyber security breach. 

A spokesperson for the state Department of Public Health last week also confirmed the agency had an “open investigation” into Manchester Memorial Hospital. It was unclear if the investigation was also looking into any other Prospect facilities in Connecticut. 

Prospect did not immediately respond to a message seeking comment on Monday. 

Ransomware involve thieves breaching a sensitive computer system and planting malware, which then encrypts or locks out the owners. The thieves then hold access to the system hostage until a ransom is paid. The hackers may also threaten to release sensitive data they’re able to access in the breach.

Experts said that while anyone can be the victim of ransomware, it’s a type of a cyberattack that’s increasingly seen as a threat to the health care sector, because medical providers hold troves of sensitive data from medical files to personal and billing information. 

In a 2022 FBI report, health care and public health institutions topped the list with the most instances of ransomware attacks reported to the agency. 

Experts said computer systems are often down for weeks while investigators try to find out the extent of the breach and isolate those systems. 


Click Here For The Original Source.

National Cyber Security