Fallout from an apparent cyber-attack on two local medical networks in Connecticut continued Friday.
The FBI has joined the investigation.
Special Agent in charge Robert Fuller said, “The New Haven Field Office of the FBI is involved in an ongoing cyber ransomware investigation of some local medical facilities. We are working closely with law enforcement partners and the victim entities to address the issues. At this time there is no further information we can share as this is an ongoing investigation."
Some locations within the Eastern Connecticut Health Network and Waterbury Health system remained closed Friday.
Get Connecticut local news, weather forecasts and entertainment stories to your inbox. Sign up for NBC Connecticut newsletters.
“I am assuming they are under control, and everything is working out," Thad Valenski said Friday.
He was relieved he still had an appointment in Manchester, but like many, still has some concern for patient information.
“Well, I’m concerned about being able to see my doctor and getting the updated lab reports and things of that nature," Valenski said.
Local
It remains unclear if patient records or information have been impacted by the apparent cyber attack.
The Eastern Connecticut Health Network issuing a statement Friday that read:
“Prospect Medical Holdings recently experienced a data security incident that has disrupted our operations. Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists. While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible. Eastern Connecticut Health Network (ECHN), an affiliate of Prospect Medical Holdings, had our Emergency Departments were on ambulance service diversion and diversion ended today at 10 am (Friday). Ambulance diversion is a fairly common practice for hospitals when there is any type of strain on operations. This does not mean the hospital’s ED is closed, but usually means the current emergency patient load exceeds the Emergency Department's ability to treat additional patients promptly. Our Emergency Departments have remained open (never closed) and are providing patient care. Ambulance service for patients to ECHN’s Emergency Departments equates to approximately 20% of our overall ED volume. We were on diversion for ambulance service until 10 am this morning and will continue to re-evaluate our abilities. Our team is experienced and skilled in downtime procedures and is ensuring the continuity of patient care. For information about outpatient locations that are not operating today, please visit ECHN.org."
Yale New Haven Health announced back in October of 2022 they would be purchasing the three hospitals impacted by the cyber attack. A spokesperson for Yale New Haven Health said they were unable to provide a comment.
Waterbury HEALTH updated a Facebook post with the latest closures in their system. Some facilities within both health networks remain on “downtime procedures."
“Downtime procedures are documented for all equipment in hospitals. A downtime procedure workflow is in place if report-back to the EHR is disrupted. A workaround is planned for verifying/documenting health insurance; collecting payment if financial systems are down (e.g., payroll systems, cash payments, procurement cards). A communication plan is developed to include all hospital staff as everyone is impacted during a downtime," said Chris Boyle with the Connecticut Department of Public Health.
NBC Connecticut reached out to Waterbury Health and Prospect Medical Holdings for comment, but we have not yet heard back.
“It's going to take organizations going through this to take a little bit of time to get back up and running, but also to know the full scope of damage," Mackenzie Brown with Blackpoint Cyber said.
She expects cyber security attacks to continue becoming more common. But offers the simple suggestion of a password change for those connected to an impacted organization.
“Do you have any shared passwords that are related to hospital check-ins, information that also go across to other organizations or other online sites," Brown said.
