Getty Images

OakBend Medical Center Confirms Data Theft Following Ransomware Attack

OakBend Medical Center is working to rebuild its communication systems after a ransomware attack forced the Texas hospital to take its systems offline.

UPDATE 9/28/2022 - This article was updated to include new information about OakBend's recovery efforts. 

Texas-based OakBend Medical Center is in the process of rebuilding its communication systems in the aftermath of a ransomware attack that occurred on September 1, it informed patients via a notice on its website. OakBend is a nonprofit hospital located in the Greater Houston area. 

In its latest update, OakBend confirmed that the ransomware attack resulted in data theft. 

“At no time was patient safety ever in jeopardy,” the notice explained. In compliance with OakBend’s protocols, the hospital’s IT team immediately took all systems offline and put them in lockdown mode.

“The OakBend Medical Center ransomware issue was immediately turned over to a team consisting of the FBI, CYD, and the Ft. Bend County Government Cyberteam to investigate all issues,” the initial notice stated.

“OakBend’s IT team and CFO secured all patient-centric systems.”

OakBend said it engaged experts from Microsoft, Dell, and Malware Protects to clear out its systems in preparation for rebuilding.

“We continue to bring our clinical systems back online in a controlled, systematic environment,” OakBend informed patients in a September 9 update.

On Tuesday, September 13, OakBend posted an update on its website thanking its employees "for their perseverance as we work to get our systems fully operational."

The hospital said it still did not have voicemail capabilities, but voicemail services are estimated to be functioning by the end of the week. OakBend's email services are active again, but it will keep its backup email active until the hospital is completely sure that its systems are operational. 

"To our patients, suppliers, clinical and administrative staff: thank you so much for your patience during this event," the notice concluded.

On September 16, OakBend confirmed that "despite taking reasonable precautions," the unauthorized party was able to steal sensitive patient and employee data.

"We are utilizing all resources to address these issues and are in close contact with regulatory law enforcement agencies to help rectify the situation," the notice stated. 

On September 22, OakBend confirmed that nearly all clinical systems were back online. OakBend also implemented multi-factor authentication and "installed a new software system to monitor for future threats," the hospital stated.

Next Steps

Dig Deeper on Healthcare data breaches