Natali_Mis/istock via Getty Imag
Latest healthcare cyberattacks highlight operational risks
Recent cyberattacks against OneBlood and McLaren Health Care shed light on the operational challenges that targeted organizations face.
Healthcare cyberattacks often result in data breaches, affecting the privacy of patients. However, as recent healthcare cyberincidents have shown, operational disruptions are also common when an organization is targeted by cyberthreat actors.
In late July and early August 2024, the healthcare sector faced numerous cyberattacks and data breaches, some of which resulted in operational challenges and significant system downtime.
McLaren Health Care institutes downtime procedures following cyberattack
McLaren Health Care, a Michigan-based healthcare system, notified patients on August 7 that a criminal cyberattack resulted in disruptions to its information technology and phone systems beginning August 6.
The health system consists of 13 hospitals as well as ambulatory surgery centers and a physician network.
According to a notice posted on McLaren's website, McLaren immediately activated its downtime procedures once it became aware of the attack. At the time of publication, several McLaren systems continued to operate in downtime procedures.
Despite the disruptions, McLaren said that its facilities are "largely operational" and remain open. However, the health system had to cancel some non-emergency appointments, tests and treatments as it worked to recover from the cyberattack.
"In addition, we are also actively working with our vendor partners and insurance providers to ensure our supply chain is not impacted and insurance authorizations are processed for care and treatments," the notice stated.
Although its facilities remain operational, the cyberattack has affected the health system's ability to operate to its fullest extent. For example, patients were directed to bring a list of current medications, printed physician orders for imaging studies or treatments and printed results of recent lab tests to their upcoming appointments as the disruptions continue.
Even with well-rehearsed incident response plans and downtime procedures, healthcare cyberattacks that target critical systems are bound to cause operational troubles.
OneBlood works to restore critical systems following ransomware attack
On August 6, blood donation nonprofit OneBlood informed the public that it had restored the critical systems used to manage its daily operations, following a ransomware attack that occurred on July 29.
When the ransomware attack occurred, OneBlood informed hospitals across the Southeastern United States that it was operating at a "significantly reduced capacity," rendering it unable to provide blood to hospitals at its typical volume.
OneBlood urged the public to donate blood immediately if they could. Blood centers nationwide sent blood and platelets to OneBlood, and the AABB Interorganizational Disaster Task Force also provided resources and assistance.
"Manual processes take longer to perform. We felt the impact of this the most when it came to labeling blood for release to hospitals," said Susan Forbes, OneBlood senior vice president of corporate communications and public relations.
"Despite the challenges, we have remained operational throughout the ransomware event. Blood drives are taking place, our donor centers have remained open, and we continue to see a tremendous response from OneBlood donors answering the call for blood and platelet donations."
The incident underscored the importance of healthcare supply chain security and the operational risks that have the potential to multiply when an organization faces a cyberattack.
Jill McKeon has covered healthcare cybersecurity and privacy news since 2021.