On Christmas Day, Anna Jaques Hospital in Newburyport, MA, was targeted by a cyberattack. The Anna Jaques Hospital Cyberattack on Christmas Day resulted in an outage of its medical record system. To ensure patient care was not compromised, the hospital administration decided to redirect ambulances to nearby hospitals until the systems were restored.
Exact Nature of Anna Jaques Hospital Cyberattack Still Uncertain
Following the Anna Jaques hospital cybersecurity incident on December 26, 2023, the emergency department resumed accepting patients.
Currently, there is limited information available regarding the specifics of the attack, including whether the attackers accessed patient information.
To address the situation, external cybersecurity experts have been engaged to investigate the Anna Jaques hospital cyber incident. As the investigation progresses, additional details will be shared.
It is worth noting that the hospital’s electronic health care records were among the systems affected by the attack, as confirmed by a spokesperson from the Newburyport hospital.
“Recovery efforts are still in progress,” a spokesperson said Friday.
According to a report by the Newburyport Daily News, the cyberattack took place on Christmas Day, resulting in the temporary diversion of ambulances from Anna Jaques Hospital to other hospitals in the vicinity.
“Patient safety remains our top priority, and the hospital remains open to all patients. We appreciate the community’s patience as we work through this investigation,” a spokesperson said.
What are the Risks of Cybersecurity in Hospitals?
The key risks of cybersecurity in hospitals include:
- Phishing attacks: Prevalent threat through emails containing malicious links, which can lead to data breaches and unauthorized access.
- Ransomware attacks: Hospitals are increasingly targeted, encrypting critical systems and demanding ransom for their release. This disrupts patient care, compromises records, and causes financial losses.
- Data breaches: Hospitals possess valuable PHI, financial data, and IP. Stolen health records fetch high prices on dark web, making them targets.
- Patient safety risks: Cyberattacks like the Anna Jaques Hospital cyberattack can hinder effective care through disruptions to medical records and devices. Hackers may alter patient data potentially causing harm.
Why do Cyber Attackers Target Hospitals?
Hospitals are targeted because:
- Valuable data: They hold wealth of valuable PHI, financial data, and IP that fetch significant profits on dark web.
- Limited cybersecurity: Healthcare organizations are often underprepared to defend against attacks due to limited investment and awareness of vulnerabilities.
- Impact on patient care: Attacks can severely impact critical infrastructure by freezing essential systems, leading to treatment delays and diversions potentially harming patients.
Read our cybersecurity assessment guide to assess the level of risk for your organization.