Lurie Children's Hospital
Image: Lurie Children's Hospital

Major Chicago children's hospital hit by cyberattack, forcing it to disconnect entire network

For the second time this week, a Chicago hospital announced a cyberattack, with officials saying it forced them to take the facility’s entire network offline.

Lurie Children's Hospital is one of the biggest children’s healthcare organizations in the Midwest, serving 239,000 children each year. On Thursday evening, the hospital published a notice explaining the source of a recent network outage.

“Lurie Children’s is actively responding to a cybersecurity matter. We are taking this very seriously, are investigating with the support of leading experts, and are working in collaboration with law enforcement agencies,” the hospital said in a statement.

Saint Anthony Hospital on Chicago’s west side acknowledged a December 18 incident on Monday.

Lurie Children's officials stressed that the hospital was still open and providing care.

“As part of our response to this matter, we have taken network systems offline. As Illinois’ leading provider for pediatric care, our overarching priority is to continue providing safe, quality care to our patients and the communities we serve,” the statement said.

The hospital said it is working to create a call center to address the needs of their patients.

Lurie Children’s did not respond to requests for comment about whether it was a ransomware attack or if so, whether a ransom would be paid. No hacking group has taken credit for the incident. A ransomware gang did take credit for the attack at Saint Anthony.

Several Illinois healthcare facilities have announced ransomware incidents or cyberattacks over the last year, including Morris Hospital & Healthcare Centers and Sarah D. Culbertson Memorial Hospital. Cook County Health was also affected by a cyberattack on a medical transcription company last year.

Skokie incident

The Chicago suburbs also were the scene of a separate incident involving a local government.

Skokie village — directly northwest of the city and home to about 70,000 people — said on Thursday that it discovered a cybersecurity incident on December 18 and immediately began an investigation.

The investigation is still ongoing and the statement links to a previously-released document outlining all of the systems affected — including the online payment system for utility bills, permits, business licenses and more.

“The Village’s 911 emergency phone system, email system, and the Village website,, were not impacted,” Monday’s statement said.

Local news outlet Patch reported that village officials spent $42,000 on computer hardware and IT consultants in response to the attack. The news outlet obtained records showing that employees of the village were instructed to not tell the public about the incident.

Assistant Village Manager Nicholas Wyatt later told employees that the hackers had accessed employee information and that anyone affected would be provided with two years of identity protection services.

The village has not said if resident information was accessed and did not respond to requests for comment about whether a ransom was paid.

A variety of ransomware gangs have gone after prominent Illinois institutions in recent years, launching crippling attacks on the Illinois Office of the Attorney General and the largest switching and terminal railroad in the U.S.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.