New Jersey, Pennsylvania hospitals affected by cyberattacks

Hospitals in New Jersey and Pennsylvania are dealing with the ramifications of cyberattacks this week following several similar incidents that took place during the Thanksgiving holiday.

This week, Capital Health said it is experiencing network outages because of a cybersecurity incident. The company runs two hospitals — Regional Medical Center in Trenton and Capital Health Medical Center in Hopewell — as well as several smaller healthcare facilities across the New Jersey-Pennsylvania region. The incident follows a separate attack on a health services provider that operates multiple hospitals in New Jersey, which forced it to turn away emergency vehicles.

“We continue to care for patients in both hospitals, including our Emergency Rooms, in our practices, and at all other locations under established protocols for system downtimes where necessary. We are prioritizing safe patient care, while working to restore the network and address the impact of this disruption,” they said in a statement.

“After becoming aware of the situation, we immediately notified the appropriate authorities and are working closely with law enforcement and third-party experts to address the situation quickly and safely.”

The company’s IT team said it is working to restore hospital systems and data but noted that its emergency rooms are still open to those in need of care. Some elective surgeries have been moved to later dates and outpatient radiology appointments are not available.

Neurophysiology and non-invasive cardiology testing will be rescheduled as well and patients are being contacted with more information.

They are unsure of when the issue will be resolved but are planning to “operate with system limitations for at least the next week.”

The attack on Capital Health comes days after Ardent Health Services — which operates multiple hospitals in New Jersey as well — reported widespread issues due to a ransomware attack on its systems.

The attack on Ardent Health Services affected more than 30 hospitals across the country and forced several to divert ambulances away from their emergency rooms.

Since 2020 and the onset of the COVID-19 pandemic, ransomware gangs have made a point of targeting healthcare facilities because they are likely to pay exorbitant ransoms.

A study from University of Minnesota researchers released in October found that ransomware incidents increased the in-hospital mortality for patients admitted to attacked hospitals. The researchers estimate that from 2016 to 2021, between 42 and 67 Medicare patients died as a result of the outages caused by ransomware attacks.

“The true number of deaths caused by ransomware attacks is likely even larger, when you include patients with other types of health insurance coverage,” the researchers said in Stat News earlier this month.

“The morbidity effects of a ransomware attack (i.e., how delays in care make existing conditions worse) are as yet unknown.”

Recorded Future — the parent company of The Record — reported at least 19 ransomware attacks on healthcare facilities last month and steep increases in incidents throughout 2023.