After nearly a week of rumors, Springhill Medical Center has confirmed its cyber network was attacked and had to be shutdown to protect patient data.
“We are currently addressing a security incident affecting our internal network. After learning of this issue, we immediately shut down our network to contain the incident and protect all data, notified law enforcement, and engaged leading outside forensic experts to support our investigation,” a Springhill representative said in a statement. “As we have worked diligently to investigate and remediate the incident, our staff has continued to safely care for our patients and will continue to provide the high quality of service that our patients deserve and expect.”
The confirmation comes about six days after reports of a “ransomware attack” first began circling July 9. Reached by a Lagniappe reporter last week, the hospital said it was “experiencing a technical issue with our I.T. network” but made no mention of a network security event.
The hospital’s website has been down for several days, and multiple sources have told Lagniappe that a phishing email caused the network to be compromised. It’s also been suggested that some records and network access were held for ransom.
None of those details have been confirmed by the hospital, though it wouldn’t be an uncommon type of cyberattack. Hackers have been targeting hospitals across the United States in recent years because they often maintain millions of sensitive records and can be critically dependent on digital networks.
In 2014, Community Health Systems, the parent company of South Baldwin Regional Medical Center in Foley, saw the non-medical patient data of 4.5 million individuals compromised in a “criminal cyber-attack by a foreign-based intruder.”
Many medical associations have begun pushing cybersecurity education for hospital staff and administrators. In fact, an event hosted by the South Alabama Association of Health Information Management called: “Phishing: Learn Not To Take The Bait” was scheduled to be held at Springhill Medical Center Tuesday. It’s currently unclear whether that was pre-planned or a response to the ongoing “network incident.”
In the statement released to reporters Tuesday, Springhill said it is continuing to work with law enforcement, though the Mobile Police Department and the Mobile County Sheriff’s Department both told WKRG they weren’t handling the case.
A spokesperson sad the FBI’s Mobile office could not “confirm nor deny the existence of an investigation,” though there have been unconfirmed reports of agents on the premises at Springhill. If the FBI is indeed handling the investigation, it would suggest that the “network incident” may have had a foreign origin.
In the meantime, Springhill Medical Center says it’s continuing to serve patients.
“Our staff has implemented standard downtime procedures to mitigate the impact to our patients, and we are working diligently to maintain the same high quality of care as when our systems are operating normally,” the statement concluded. “We have continued seeing our normal volume of patients over the past week.”
This page is available to subscribers. Click here to sign in or get access.
It looks like you are opening this page from the Facebook App. This article needs to be opened in the browser.
iOS: Tap the three dots in the top right, then tap on "Open in Safari".
Android: Tap the Settings icon (it looks like three horizontal lines), then tap App Settings, then toggle the "Open links externally" setting to On (it should turn from gray to blue).