Memorial Health System in Ohio Latest Entity Hit With Attack

Memorial Health System in Ohio is the latest healthcare entity hit with an apparent ransomware incident that is disrupting patient care services.

See Also: 2021 Unit 42 Ransomware Threat Report

Based in Marietta, Ohio, Memorial Health System says it detected early on Sunday morning a security incident that prompted the organization to divert emergency care patients from three of its hospitals to other area facilities.

User Access Suspended

In a statement, Memorial Health System says that in response to the incident, it suspended user access to IT applications related to its operations.

“We have implemented extensive information technology security protocols and is working diligently with security partners to restore information operations as quickly as possible. Federal law enforcement has also been notified,” the statement says.

In the meantime, the incident “may result in temporary disruptions to certain aspects of our clinical and financial operations,” the statement says.

“Maintaining the safety and security of our patients and their care is our top priority and we are doing everything possible to minimize disruption,” said Scott Cantley, Memorial Health System president and CEO in the statement.

“Staff at our hospitals – Marietta Memorial, Selby, and Sistersville General Hospital – are working with paper charts while systems are restored, and data recovered.”

All urgent surgical cases for Monday had been cancelled and patients notified, the statement notes. In addition, all radiology exams have been cancelled. However, as of Monday, all primary care appointments were conducted as scheduled, Memorial Health says.

“At this time no known patient or employee personal or financial information has been compromised,” Cantley said in the statement.

“We are continuing to work with IT security experts to methodically investigate to precisely understand what happened and are taking the appropriate actions to resolve any and all issues.”

As of Monday evening, the entity was still addressing the situation, a Memorial Health spokeswoman told Information Security Media Group.

“There is no significant change today. We continue to work with national cybersecurity experts on prevention and remediation and are optimistic that we can begin resolution by the end of this week,” she said.

Disturbing Trend

Memorial Health System did not disclose whether its incident involves ransomware.

However, Brett Callow, a threat analyst at Emsisoft notes this latest incident is among a long string of very troubling ransomware attacks on healthcare sector entities in recent weeks and months.

“So far, we’ve been lucky and attacks on hospitals haven’t actually resulted in a loss of life – but that luck will not last forever,” he says.

“The attacks will kill somebody sooner or later, that’s pretty much a given. It’s absolutely critical that we find a way to better protect healthcare providers – or stop the attacks against them – before that happens,” he says.

“Unfortunately, that’s easier said than done and I don’t see any way to tackle the problem quickly. Governments should have started taking the problem seriously, and taking strong and decisive action, long before the attack on Colonial Pipeline.”

Sioux Falls, South Dakota-based Sanford Health and Indianapolis, Indiana-based Eskenazi Health were also targets last week of cyberattacks – both apparently involving ransomware – also causing patient care postponements and cancellations (see 2 Healthcare Systems Recovering from Cyberattacks).

Those incidents came on the heels of recent ransomware attacks on Scripps Health and UF Health Central Florida.

The recent ransomware attack that disrupted Scripps Health’s IT systems and patient care for nearly a month has so far cost the San Diego-based organization nearly $113 million, including $91.6 million in lost revenue, according to a financial report the nonprofit entity filed last week with a municipal securities regulator.