Latest hospital cyberattack shows how health care systems' vulnerability can put patients at risk

Tulsa, Oklahoma — Annie Wolf's open-heart surgery was just two days away when the Hillcrest Medical Center in Tulsa, Oklahoma, called, informing her that her procedure had been postponed after a major ransomware attack.

"I've got a hole in my mitral valve, and basically walking around, I can't breathe," Wolf told CBS News. "And I get very fatigued, very tired, very quickly. If I go to the store, I've got to ride the scooter."

Wolf is just one of the patients impacted after Ardent Health Services says it became aware of the cyber breach on Thanksgiving day affecting 30 hospitals and more than 200 health care sites across six states.

J.D. Bloomer has had an annual cancer check since he was diagnosed in 2008. However, the cyberattack turned his routine visit at the University of Kansas Healthcare System St. Francis campus in Topeka into a scheduling headache.

"They informed me that my procedure for tomorrow had been canceled," Bloomer told CBS News. "...I said, 'OK, when will be rescheduling?' And she said, 'When the network returns.'"

In a statement, Ardent said it immediately began safeguarding confidential patient data, and protectively took its computer network offline, which required some facilities, including two in New Jersey, to divert ambulances to nearby medical centers.

Ardent said that "in an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals."

Ardent has not announced a timeline for when the issue could be resolved.

According to the Institute for Security and Technology, at least 299 hospitals have suffered ransomware attacks in 2023.

"Well, I think, there's always the concern of loss of life," Kiersten Todt, former chief of staff at the Cybersecurity and Infrastructure Security Agency, said about the impact on the 911 infrastructure when a hospital system is crippled by a cyberattack. 

Dr. Christian Demef, co-director of the UC San Diego Center for Healthcare Security, is a hacker turned emergency room physician who saw firsthand how a ransomware attack impacted his San Diego hospital after a 2021 hack crippled a nearby facility.  

"We saw three times the number of ambulances one day than we ever had before because of a ransomware attack in our community," Demef said. 

"Life-threatening time-sensitive medical conditions like stroke, trauma, heart attacks, all of these minutes truly matter," he added. "And when these systems are down, we can't do our job effectively."

"Malicious actors want to make money off of it," Todt said.

"It absolutely is" motivated by profit, according to Todt. "It's an economic model. The tragedy is that it's an economic model that...happens to capitalize on an infrastructure that is responsible for human lives."

In:
• Cyberattack
• Health Care

Nicole Sganga

CBS News reporter covering homeland security and justice.

Twitter