Ardent Health Services and its affiliated services have been affected by an incident, confirming it to be a ransomware attack.
In a statement, it has revealed that they have taken the affected systems and network offline and suspended user access to information technology applications, including corporate servers, Epic software, internet, and clinical programs.
Law enforcement has been informed, and third-party forensic and threat intelligence advisors have been engaged.
The full extent of compromised patient health or financial data remains undetermined, and investigations are ongoing. Despite the incident, patient care continues in Ardent’s hospitals, emergency rooms and clinics.
In precautionary measures being taken by the healthcare provider, some non-urgent, elective procedures are being rescheduled and emergency room patients are redirected to other area hospitals until systems are fully operational.
Ardent, which operates 30 hospitals across six US states, confirmed its IT teams are actively working to restore access. But the timeline for returning to normal operations is yet to be established. Hospitals are assessing their ability to safely care for critically ill patients in the emergency room, with updates provided as the situation evolves.
While this move does come at the expense of the health, wellbeing, and security of all of Ardent’s patients, they cannot have taken this move lightly, and it speaks to the likely seriousness of this attack.
Companies must implement ongoing patch management and deploy proactive cybersecurity solutions to protect their valuable assets. Attackers can exploit vulnerabilities faster than IT can patch them, so active defenses can buy you time.
