News

Ardent Health Services, Tennessee, responds to ransomware attack

Ardent Health Services, based in Nashville, Tennessee, has reported that it has been the victim of a ransomware attack.

After becoming aware of the attack on the morning of November 23rd, 2023, Arden responded by taking its network offline, and suspending user access to its IT solutions, including corporate servers, Epic software, and clinical programs.

After filing a report with law enforcement, Ardent has retained forensic and threat intelligence advisors, and added extra security protocols, “working with specialist cybersecurity partners to restore its information technology operations and capabilities as quickly as possible”.

In a post published on the company’s website, Ardent states that it “cannot confirm the extent of any patient health or financial data that has been compromised”, and that “it is too soon to know how long this will take or what data may be involved in this incident”.

The company reassures its customers that despite the disruption, it is continuing to deliver safe and effective patient care across its hospitals and clinics, with precautions including the rescheduling of some procedures and the diverting of patients to other hospitals until systems are back online.

In news on cybersecurity, Kathy Hochul, Governor of New York State, has announced statewide proposed cybersecurity regulations for hospitals, to help “safeguard health care systems from growing cyber threats”. The announcement follows warnings from the US Department of the Treasury, the FBI, and the Cybersecurity and Infrastructure Security Agency, that hospitals are a target for cyberattacks.