Dive Brief:
- Kettering Health is facing a cyberattack that’s impacting patient care, the Ohio-based health system said on Tuesday.
- The provider was hit by a system-wide technology outage Tuesday morning due to unauthorized access to its network, Kettering said in a press release.
- Elective inpatient and outpatient procedures at the health system’s facilities were canceled Tuesday. Kettering’s call center was also knocked offline and might have been occasionally inaccessible, the provider added.
Dive Insight:
Kettering, which operates 14 medical centers and 120 outpatient facilities in Western Ohio, said only elective procedures were canceled. The health system’s emergency rooms and clinics continued to see patients, according to a press release.
“We have taken steps to contain and mitigate this activity and are actively investigating and monitoring the situation,” the system said.
However, some patients have received phone calls from scammers who claim to be Kettering employees and request credit card payment for medical expenses, the health system said Tuesday afternoon.
Kettering said it hasn’t established whether the scam calls are linked to the cyberattack. The system said it will not reach out by phone to ask for or receive payments until further notice.
The attack comes as cybersecurity has become a major challenge for the healthcare sector. An increased number of healthcare data breaches are linked to hacking or ransomware, a type of malware that denies users access to their data, according to a recent study published in JAMA Network Open.
Cyberattacks and IT system outages can also have significant consequences for patients, forcing health systems to delay care or divert emergency cases to nearby facilities. The industry is a lucrative target for cybercriminals, given providers’ motivation to end patient care disruptions and the high value of stolen medical records, experts say.
The healthcare industry has recently weathered major cybersecurity incidents. In early 2024, UnitedHealth-owned claims processor Change Healthcare was hit by a ransomware attack, exposing data from 190 million people — the largest healthcare breach ever reported to federal regulators.
The sector will continue to face cyberattacks and attempted intrusions, experts say. This year, Yale New Haven Health found an unauthorized third party had gained access to its network, comprising data from about 5.6 million people. Kidney dialysis provider DaVita also faced a ransomware attack last month.
Editor’s note: This story has been updated to include additional details about the Kettering cyberattack.
