New Jersey’s Largest Hospital System Acknowledges Ransomware Attack

Dec. 16, 2019
Some IT systems were down for five days last week

New Jersey’s largest hospital network, Hackensack Meridian Health, was attacked last week by cyber criminals who used ransomware to disrupt the organization’s computer systems for about five days.

According to local media reports, while the 17-hospital health system originally declined to acknowledge what caused the attack,  a statement from the organization last Friday noted, “Due to developments in the investigation, and on advice of national experts, we could not disclose that this was a ransomware attack until now,” NJ.com reported.

That Dec. 13th statement from health system officials continued, “Our network’s primary clinical systems are operational, and our IT teams continue working diligently to bring all applications back online safely. Based on our investigation to date, we have no indication that any patient or team member information has been subject to unauthorized access or disclosure.” Officials emphasized that patient safety “was not compromised,” noting that approximately 100 elective surgeries were rescheduled, but other disruptions were minimal.

A spokesperson for the union Health Professionals and Allied Employees, or HPAE, told NJ.com, however, that there had been delays in orders and lab work, while clinical staff and others have had to double-check paperwork since the electronic systems were down.

Media reports also noted that Hackensack leaders said that the organization has insurance coverage for these types of emergencies, and used those funds to pay the hackers, as well as other remediation and recovery efforts, though the organization did not disclose how much was paid.

Ransomware attacks continue to plague healthcare organizations across the U.S.; the annual Verizon Data Breach Investigations Report, released earlier this year, revealed that for the second straight year, ransomware incidents were over 70 percent of all malware outbreaks in the sector. Another report from 2018 noted that the number of reported major IT/hacking events attributed to ransomware by healthcare institutions increased by 89 percent from 2016 to 2017.

Hackensack Meridian, based in Edison, N.J., is a $6 billion nonprofit system operating 17 acute care and specialty hospitals, nursing homes, outpatient centers and the psychiatric facility Carrier Clinic.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?