Ardent Health Services Hospitals Hit by Ransomware Attack

Nov. 27, 2023
Many of hospital operations company’s facilities are diverting emergency room patients to other area hospitals until systems are back online

Ardent Health Services announced that it suffered a ransomware attack on the morning of Nov. 23, 2023. Nashville-based Ardent said it proactively took its network offline, suspending all user access to its IT applications, including corporate servers, Epic software, internet and clinical programs.

Through its subsidiaries, for-profit Ardent owns and operates 30 hospitals and more than 200 sites of care with more than 1,400 aligned providers in six states. 

Ardent said it has reported this event to law enforcement and retained third-party forensic and threat intelligence advisors. “In addition to electronic protection procedures already in place, Ardent has also implemented additional information technology security protocols and is working with specialist cybersecurity partners to restore its information technology operations and capabilities as quickly as possible. At this time, we cannot confirm the extent of any patient health or financial data that has been compromised,” the company said.

While this incident has resulted in temporary disruption to certain aspects of its clinical and financial operations, Ardent stresses that patient care continues to be delivered safely and effectively in its hospitals, emergency rooms, and clinics. “In an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online.”
Ardent said that MyChart and On-Demand Video Visits are temporarily unavailable. 

The investigation and restoration of access to electronic medical records and other clinical systems is ongoing. Ardent said it is still determining the full impact of this event and it is too soon to know how long this will take or what data may be involved in this incident.

Among the impacted health facilities are Pascack Valley Medical Center in Westwood, N.J., and Mountainside Medical Center in Montclair, N.J., which are both part of the Hackensack Meridian Health system.

According to HIPAA Journal, 10-hospital UT Health East Texas and Portneuf Medical Center in Pocatello, Idaho, were hit by the attack that resulted in a network outage, which put emergency rooms on divert status.

The University of Kansas Health System St. Francis Campus also experienced a network outage due to the security incident. “Our team is working to assess the impact of this outage and restore access, and we will follow established downtime protocols as needed,” a statement from the health system said. “Patient care has not been adversely impacted. As a precaution, our Emergency Room is currently on divert status.”

Other Ardent subsidiaries reporting outages include BSA Health System in Amarillo, Texas, and Lovelace Health System in New Mexico.



Sponsored Recommendations

Healthcare Trends 2024: Trends & Strategies for Future Success

Explore the future of healthcare in 2024 with insights from the Healthcare Industry Trends Report. Stay ahead of the curve as we delve into the latest industry developments and...

Trailblazing Technologies: Looking at the Top Technologies for the Emerging U.S. Healthcare System

Register for the first session of the Healthcare Innovation Spotlight Series today to learn more about 'Healthcare's New Promise: Generative AI', the latest technology that is...

Data: The Bedrock of Digital Engagement

Join us on March 21st to discover how data serves as the cornerstone of digital engagement in healthcare. Learn from Frederick Health's transformative journey and gain practical...

Northeast Georgia Health System: Scaling Digital Transformation in a Competitive Market

Find out how Northeast Georgia Health System (NGHS) enabled digital access to achieve new patient acquisition goals in Georgia's highly competitive healthcare market.