Chicago Children’s Hospital Network Still Offline Following ‘cybersecurity Matter’

An article from

Dive Brief:

• A Chicago children’s hospital has been without computer system access for over a week following a “cybersecurity matter.”
• Phone, email and electronic systems at Lurie Children’s Hospital are still offline, the pediatric provider reported on Monday. The hospital had initially reported the network outage on Jan. 31. 
• The incident comes as the healthcare sector faces increased threats of cyberattacks. Federal regulators have pushed for the industry to boost its protections to safeguard patient care and privacy. 

Dive Insight: 

In response to the cybersecurity incident, Lurie has intentionally limited its email system to stop receiving or sending external messages, prevented outbound internet traffic and taken its electronic health record system offline.

The nonprofit hospital also can’t receive external calls, except to a call center set up to assist patients and families as the provider works to restore its network. 

But Lurie — which provides care for more than 239,000 children each year — is still accepting patients, and has been operating under “downtime procedures” to continue providing care during system outages, the hospital said.

“Please understand this process takes time,” Lurie wrote on its website. The hospital said it has teams of internal and external experts responding to the incident and is collaborating with law enforcement.

The hospital didn’t specify the type of cybersecurity incident that occurred, but other healthcare providers have been forced to take systems offline due to cyberattacks — sometimes taking weeks to fully restore operations. 

Ardent Health Services, which runs about 30 hospitals across six states, learned of a ransomware attack on Thanksgiving, and suspended access to its IT systems and diverted emergency care to nearby facilities.

Ransomware, where cybercriminals deny access to a victim’s data and demand payment in return for restored access, pose a critical threat to the healthcare sector, as these attacks can delay or degrade a provider’s ability to offer services.

Ardent was able to restore access to its EHR in early December, and resumed non-emergent surgeries later that month. It took about six weeks before the operator could fully fix its MyChart patient portal. 

Recent ransomware attacks against CommonSpirit Health and Prospect Medical Holdings also took weeks to resolve.

Cyberattacks and data breaches are also costly for providers to manage. Another Illinois hospital, St. Margaret’s Health, closed its doors over the summer, citing a ransomware attack as one factor behind its closure.