FBI is investigating a large-scale extortion attack that has affected two American networks of medical institutions operating in the state of Convention: Eastern Connecticut Health Network (ECHN) and Waterbury Health, which are part of the Prospect Medical Holdings.
The emergency care departments of the Memorial Hospital of Manchester and the General Profile Hospital Rockville have temporarily suspended ambulance services until all internal system issues are resolved.
According to Robert Fuller, the head of the local FBI department in New Haven, the investigation is being conducted in close collaboration with the affected organizations and law enforcement officers. Specific details of the incident have not been disclosed.
Gillian Menzel, the chief operating director of the ECHN network, confirmed in an interview with local media that the extortion attack did take place, but the full extent of the attack is still unknown.
In response to the incident, the Waterbury Health representative office provided slightly more details through a statement on their Facebook page, but did not mention the involvement of compliance. They stated, “Our computer systems have experienced a failure that has affected all stationary and outpatient operations of Waterbury Hospital. We are currently reassessing our capabilities and may transfer some prescribed patient methods.”
As of now, there have been no reports of any leaks of personal data of patients or medical information. However, the full impact of the attack is yet to be evaluated.
The affected hospitals have switched to paper document management. Patients continue to visit for examinations and consultations as usual. The medical institutions have assured that they are working diligently to restore their systems and will contact patients if their data is at risk.
ProSpect Medical Holdings, the company that controls the affected medical institutions, manages a total of 16 hospitals and a network of over 165 outpatient clinics across several states. In Connecticut alone, the holding serves 19 cities with the institution impacted by the extortion attack.
Cybersecurity experts emphasize that medical organizations are often targeted by hackers due to their critical dependence on IT infrastructure. Their main recommendation for these institutions is to prioritize defense measures, implement modern intrusion systems, regularly update software, and provide personnel training to combat attacks.