Kettering Health back online following cyber security crisis

Nearly a month after suffering a significant cyber attack, Kettering Health has finally restored its affected systems and resumed normal operations.

 

Last month, in a data security incident notice published on its website, Ohio-based healthcare provider Kettering Health said that on May 20, it experienced a system-wide technology outage that affected its ability to access patient care systems across the organisation.

 

An investigation, with assistance from external cyber security experts, revealed that Kettering Health was a victim of a ransomware attack where the Interlock ransomware group infiltrated its internal network, encrypted its systems and stole confidential patient and staff data.

 

“Elective inpatient and outpatient procedures at Kettering Health facilities have been canceled for today, Tuesday, May 20. These procedures will be rescheduled for a later date and more information will be provided on this as updates are available. In addition, our call center is experiencing an outage and may not be accessible,” Kettering Health said.

 

Kettering Health added that “procedures are being evaluated on a case-by-case basis based upon collaborative decision-making between care teams, with safety as our highest priority. 

 

In an update shared on June 10, Kettering Health said it has restored normal operations for key services, including surgery, imaging, retail pharmacy, and physician visits. 

 

“MyChart access has been restored, allowing individuals to view and schedule appointments and communicate with their healthcare provider. Our phone lines and call centres are also stable and functional across the organisation,” the healthcare provider said.

 

As of June 16, Kettering Health discontinued its temporary urgent clinical support line and resumed its normal operations including MyChart access, phone lines at practice offices, and hospital call centres.

 

On June 4, the Interlock ransomware group claimed responsibility for the security incident on Kettering Health and listed it as a victim on its data leak site. The group claimed to have obtained 941 GB of data, including sensitive patient information, pharmacy and blood bank records, payroll data, police personnel files, scanned identity documents such as passports, and more.

 

The hacker group gave Kettering Health a 72-hour deadline to meet its ransom demands. Following unsuccessful negotiations, the group has since released the stolen data.