Sign up for the Today newsletter
Get everything you need to know to start your day, delivered right to your inbox every morning.
Mass. hospitals hit by cyberattack that caused network outage
Both of the affected hospitals are owned and managed by Heywood Medical Group, a non-profit physician organization.
Two Massachusetts hospitals are still reeling from a network outage last week that was later discovered to be caused by a cyberattack.
Heywood Hospital in Gardner, which has 134 beds, and Athol Hospital in Athol, which has 25 beds, first reported being impacted by the outage Oct. 13 on Facebook. Though they continued to care for in-patients, the outage impacted numerous hospital systems, causing ambulances to be diverted.
The hospitals were later placed on “Code Black,” a last-resort emergency status which led patients to be transferred to other facilities, Central Massachusetts EMS said Oct. 15 in a Facebook post. By Oct. 17, the Code Black was removed, but the hospitals remained fraught with “limited capabilities.”
Advertisement:
Due to the network’s systems still being partially down, the hospitals had to triage emergency patients and determine whether or not they could admit them with their limited resources. The outage notably impacted Heywood Hospital’s CAT scan machine, according to Central Massachusetts EMS.
Other specific systems affected by the outage included the hospital network’s email, phones, and radiology and lab services, according to Information Security Media Group.
Both hospitals are owned and managed by Heywood Medical Group, a non-profit physician organization. The group confirmed Oct. 16 that the network outage was caused by “a cybersecurity incident.”
Advertisement:
“Upon discovery, we immediately activated our response protocols and took affected systems offline to protect our network and patients,” the organization said on Facebook. “We are working closely with third-party cybersecurity experts to assess the situation and restore full functionality as quickly and safely as possible.”
Though certain systems were “not currently available,” both hospitals continued in-patient care, according to the organization. However, patients who had appointments scheduled with a Heywood Medical Group provider were instructed to instead use the group’s Athenahealth portal.
Though the systems were quickly taken offline to protect hospital staff and patients, the hospital group has not confirmed whether any patient data was breached in the cyberattack.
To comment, please create a screen name in your profile
To comment, please verify your email address
Conversation
This discussion has ended. Please join elsewhere on Boston.com