New York community hospitals still impacted by Lockbit attack, weeks later

Carthage Area Hospital and Claxton-Hepburn Medical Center were forced to divert patients from the ransomware attack on August 31 and are still canceling appointments.
By Andrea Fox
11:32 AM

Photo by: Ted Horowitz/GettyImages

Two New York hospitals are still working to get back to normal operations following a reported ransomware attack that occurred this past month. While hospital operations are still affected, LockBit is threatening to release data it seized on September 19 if a ransom is not paid.

WHY IT MATTERS

Carthage Area Hospital is a 25-bed facility. According to a press release posted to the hospital's Facebook page on September 7, dialysis, cancer treatment and wound care appointments would continue as scheduled.

Claxton-Hepburn Medical Center is a 127-bed community hospital that also specializes in pediatric and mental healthcare. On Wednesday, the center posted an announcement to Facebook that appointments at area health centers and physician offices would be rescheduled for September 13 and 14.

While phone systems were reportedly restored on September 2, the two medical facilities have been diverting ambulances to other area hospitals and are rescheduling appointments for most services, including cardiology and labs.

Ongoing system recovery is being supported by the FBI, the New York State Department of Health and the Division of Homeland Security and Emergency Services, according to The Record.

The report noted on Thursday, LockBit added the hospital to its ransomware leak site with a deadline to pay the ransom by September 19.

THE LARGER TREND

LockBit has attacked hospitals before to steal patient and employee data.

In June, a small hospital in Ohio used a ransomware recovery tool to decrypt its files after a LockBit attack while LockBit offered a decryptor to Toronto-based SickKids in January in an apology posted to the dark web.

Rich Duvall, CEO of both hospitals, told local news that the Carthage Area Hospital and Claxton-Hepburn Medical Center have recovered most of their data, but confirmed that LockBit does have protected health information and other data to back up their ransom demand.

ON THE RECORD

“We’ve been notified by the threat actors or the people that committed this crime, this is a ransomware attack, and they are demanding a ransom,” Rich Duvall, CEO of both hospitals, told WWNY News 7.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS Media publication.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.