Southern Ohio Medical Center (SOMC) in Portsmouth, OH, is recouping from a cyberattack that happened on November 11, 2021. Because of the cyberattack, the hospital had to go on diversion and reroute ambulances to alternative healthcare services. The hospital additionally had to move a number of consultations and outpatient healthcare services.
According to a Facebook post by SOMC on November 11, an unauthorized third-party acquired access to its computer servers in a seemingly apparent targeted cyberattack. SOMC is working with federal authorities and Internet security agencies to look into the incident. Patient care and security is the provider’s top concern and is trying to resolve this problem as soon as possible. Although this doesn’t affect SOMC’s ability to provide care to present inpatients, ambulances are diverted to alternative hospitals at this time.
This not-for-profit healthcare facility with a 248-bed capacity stopped diverting ambulances on the following day, even if full operations is not yet completely restored. SOMC has informed law enforcement and a third-party cybersecurity firm is investigating the data breach to find out the nature and extent of the cyberattack.
Because of the attack, the hospital’s electronic medical record system was taken offline, and the personnel had to switch to using pen and paper to log patient data. Outpatient medical imaging, cardiovascular testing, cancer care services, sleep laboratory, cardiac catheterization, and outpatient surgical procedures and rehabilitation all encountered problems as a result of insufficient access to the computer systems and patient data.
SOMC did not give any data regarding the nature of the attack and if the attackers used ransomware. At this point of the investigation, it is uncertain whether the attackers accessed or exfiltrated any patient data from the compromised servers at the time of the attack.
The hospital stated it will still evaluate the situation and will give updates as soon as it has new information.