Since Thanksgiving Day, a network of hospitals in East Texas has been unable to receive ambulances to emergency rooms due to a potential cyber security incident, according to a hospital spokesperson speaking to CNN on Friday. UT Health East Texas is currently using established downtime procedures while investigating the incident and working to bring computers back online, said spokesperson Allison Pollan in an email.
Pollan did not respond to subsequent phone calls seeking more information on the incident and how the hospitals were responding. She declined to answer further questions over email.
Based in Tyler, Texas, UT Health East Texas operates 10 hospitals and more than 90 clinics in the region, and provides health care to thousands of patients annually, according to its LinkedIn page.
The East Texas health care system is the most recent hospital group to have to refuse ambulances due to a suspected cybersecurity issue. Over the last nine months, cyberattacks have led to ambulances being redirected from hospitals in Connecticut, Florida, Idaho, and Pennsylvania. The incident at UT Health East Texas began on Thursday when the hospital network discovered a network outage, prompting them to initiate a network lockdown according to a statement given to CNN.
The hospital network originally anticipated that computer systems would be restored in the next 24-36 hours, but it is uncertain if that timeline will be met.
Officials from the Department of Health and Human Services and the US Cybersecurity and Infrastructure Security Agency (CISA), both federal agencies responsible for assisting hospitals in defending against hackers, did not immediately respond to requests for comment. Similarly, the FBI, which also handles hospital hacks, did not immediately provide a comment.
Federal officials and critical infrastructure operators, such as hospitals and power plants, are particularly concerned about the risk of ransomware and other cyberattacks over long holiday weekends, when many Americans have the day off and cybersecurity teams may be stretched thin.
Since the onset of the coronavirus pandemic in 2020, hundreds of health care providers across the US have experienced cyberattacks that forced them offline. Health care organizations often lack the necessary cybersecurity resources to effectively address these threats.
Despite increased attention from healthcare associations and federal officials, the problem persists. Last week, CISA released a comprehensive cybersecurity plan to assist in safeguarding hospitals from cyber attacks. According to Allan Liska, a ransomware expert at cybersecurity firm Recorded Future, there were 209 publicly reported ransomware attacks on US healthcare organizations in 2023, compared to 162 attacks in 2022, as reported by CNN on Friday.