Largest hospital system in New Jersey was hit by ransomware attack

The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom.

The largest hospital in New Jersey, the Hackensack Meridian Health, was the victim of a ransomware attack last week that disrupted its network, the IT staff decided to pay the ransom to decrypt the files.

Hackensack Meridian operates 17 acute care and specialty hospitals, and the psychiatric facility Carrier Clinic, nursing homes, and outpatient centers. Its hospitals include Hackensack University Medical Center in Hackensack, Jersey Shore University Medical Center in Neptune and JFK Medical Center in Edison.

At the time there are no details about the family of ransomware the infected the system or the way attackers breached the network of the hospital. Hackensack Meridian Health did not reveal the amount of money it has paid to crooks, according to a statement issued by the hospital it holds insurance coverage for such emergencies.

“One of New Jersey’s largest hospital systems said it was hit this month by a ransomware attack that disrupted care across its clinics and 17 hospitals.” reported the WSJ.

“Hackensack Meridian Health said Friday the attack began Dec. 2 and forced it to cancel some surgical and other procedures, though no patients were harmed and its emergency rooms kept seeing patients.”

The hospitals were forced to reschedule nonemergency surgeries and doctors and nurses were not able to access electronic records.

The hospital system said it did cancel fewer than 100 scheduled procedures.

“As the frequency of these crimes grow, it is imperative that we work collectively—non-profit and for-profit organizations, large companies and small—with regulators and lawmakers to safeguard our vital enterprises and institutions,” the system said in a statement.

The hospital immediately reported the incident to the authorities and hired cybersecurity and forensic experts to manage the operations, it said.

“The system said it was advised by experts not to disclose until Friday that it had been the victim of a ransomware attack.” reported the AP agency. “It said that its network’s primary clinical systems had returned to being operational, and that information technology specialists were working to bring all of its applications back online.”

According to Hackensack Meridian, there is no indication that attackers have accessed patient information or discloses it.

The WSJ confirmed that nearly two weeks after the attack, the internal staff at the hospital system continues to restore its computer networks.

The hospital system announced that computer networks and applications used for medical care is back up and running.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – New Jersey, ransomware attack)

[adrotate banner=”5″]

[adrotate banner=”13″]