HealthAlliance Hospital in Kingston, along with Margaretville Hospital and Mountainside Residential Care Center, experienced a cyberattack, prompting a diversion of ambulance services and a shutdown of their IT systems.
What happened
HealthAlliance Hospital, Margaretville Hospital, and Mountainside Residential Care Center recently experienced a cyberattack affecting their IT systems. To address the issue and implement security measures, all interconnected systems at these facilities were shut down starting at 10 p.m. on Friday, October 20.
On Saturday, October 21, HealthAlliance Hospital and Margaretville Hospital resumed operations, providing care to walk-in patients by conducting necessary assessments and treatments. Patients were either released or stabilized and transferred to other WMCHealth facilities as needed. During this time, Mountainside Residential Care Center reported no disruptions in the care provided to its residents. The focus remained on restoring the IT systems, with the goal of resuming full services.
See also: Executive summary: Q3 healthcare cybersecurity trends
What they're saying
Josh Ratner, CEO of HealthAlliance of the Hudson Valley and Executive Vice President and Chief Strategy Officer of WMCHealth, stated, "I want to applaud everyone at HealthAlliance Hospital, Margaretville Hospital and Mountainside Residential Care Center for all of their hard work and dedication while facing an incredibly difficult situation, helping us return to full operations sooner than expected while continuing to provide the best possible care for patients in our community.
"This helped demonstrate the strength of the entire WMCHealth Network, with hospitals, physicians, nurses and administrators from across the network playing a vital role in making sure our patients were cared for as we worked to regain full operations, resume admitting patients and minimize any impacts of this disruption."
Why it matters
The recent attack aligns with a troubling pattern, which shows a significant rise in incidents from July 2022 to July 2023. An increasing number of ransomware groups are targeting a diverse range of organizations. Attacks like the MOVEit breach, orchestrated by the Russia-based group Clop, have widespread repercussions, affecting millions of people and organizations globally.
Related: FBI releases document outlining recent ransomware trends
What's next
While this process is ongoing, the significant progress made allowed the hospitals to regain all essential capabilities, enabling the full resumption of operations. Subsequent steps will include a continued focus on strengthening the network's security measures, ongoing monitoring, and further enhancing the IT infrastructure.
See also: HIPAA Compliant Email: The Definitive Guide
Kirsten Peremore
