Breach Notification , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security

Kentucky Hospital Still Struggles One Week After Cyberattack

A regional Kentucky hospital is the latest healthcare entity struggling to recover after a recent cyber incident brought down its phone systems, internet services, email and other systems.

See Also: JavaScript and Blockchain: Technologies You Can't Ignore

In an "urgent notice" posted on its website Wednesday, Taylor Regional Hospital, a 90-bed facility in Campbellville, Kentucky, says systems, including its phone network, are currently still down as it investigates a cybersecurity incident.

"We are working to restore our systems quickly and safely," the notice says. "In the meantime, TRH continues to provide quality care to our patients. We appreciate the community's patience and understanding, and we apologize for the inconvenience caused by this event."

Weeklong Disruptions

The hospital's Facebook page says that TRH on Jan. 19 initially posted a notice warning patients that all phone lines at the hospital and its hospital-owned provider offices were "currently down."

In recent days, the hospital has been adding temporary phone lines to reach its various departments and doctor offices, TRH's website says.

A TRH representative who spoke with Information Security Media Group from one of the organization's clinical offices via one of the temporary phone numbers declined to comment on the incident.

A TRH spokesperson did not immediately respond to ISMG's request for details about the incident, including whether it involved ransomware.

Impact to Patient Services

TRH says that due to its "system-wide outage," it is unable to schedule COVID-19 testing as previously planned. It says, however, "We are still testing at the Walk-In Clinic between the hours of 10:00 a.m. and 12:00 p.m. on a first-come, first-served basis. We will test during this time as long as our allocated tests are available."

On its website notice, TRH instructs patients to bring their current medications to any previously scheduled appointment.

Routine outpatient laboratory services are being performed, but only during limited hours, and "chemo and STAT orders will be accepted if needed. All patients will be required to bring a written order," the notice says.

"Patients who are receiving lab draws for outpatient procedures should expect longer than normal wait times. We appreciate your patience as our staff work diligently to meet everyone's needs."

Other Incidents

TRH is among a growing list of hospitals and other healthcare sector entities in recent months that have been forced to cancel, reschedule or delay a variety of services as the result of cyber incidents, including ransomware attacks, causing systems and networks - such as electronic health records and phone systems - to be taken offline.

Capital Region Medical Center, based in Jefferson City, Missouri, last month experienced a cyber incident that caused "a systemwide network outage" affecting its phone and computer systems.

And a ransomware attack in December on the Maryland Department of Health disrupted a variety of services - including healthcare professional credentialing - for weeks while the organization brought its systems back online (see: Maryland Health Department Confirms Attack Was Ransomware).

Last May, a ransomware attack disrupted San Diego, California-based Scripps Health's IT systems and patient care for nearly a month, costing the organization nearly $113 million, including $91.6 million in lost revenue, according to a financial report from the nonprofit entity.