Cybercrime , Fraud Management & Cybercrime , Healthcare

Mississippi Hospital System Still Struggling With Attack

The Gulf Coast Provider Is Among the Regional Health Systems Hit Recently
Mississippi Hospital System Still Struggling With Attack
Singing River Health System's three hospitals and other medical facilities along the Mississippi Gulf Coast are trying to recover from a cyberattack that hit last weekend. (Image: Singing River)

A three-hospital health system serving the Mississippi Gulf Coast has resorted to paper charting and other manual processes for patient care as it deals with a cyberattack that forced it to take systems offline.

See Also: Ponemon Report: The Impact of Ransomware on Patient Safety and the Value of Cybersecurity Benchmarking

The Singing River Health System's three hospitals - Pascagoula Hospital, Ocean Springs Hospital, and Gulfport Hospital, as well as its dozen-plus medical clinics - are affected by the incident, which began over the weekend. The health system employs about 3,800 people.

"Systems remain offline and downtime procedures remain in place as we continue to see patients," a Singing River spokeswoman told Information Security Media Group on Thursday.

The spokeswoman declined to say whether the incident is a ransomware attack. "Our investigation to determine the full nature and scope of this event is ongoing," she said.

The attack on Singing River is among several recent ransomware and other cyberattacks deeply affecting regional and smaller healthcare provider networks and hospitals as well as the surrounding communities.

"We need to quickly find ways to better protect our health systems. Attacks have a negative impact on patient care, and not necessarily only at the impacted hospital," said Brett Callow, threat analyst at security firm Emsisoft. "In cases where patients need to be redirected, that can place strain on nearby hospitals too."

Laboratory and radiology testing are among the services at Singing River affected by the IT systems outage. Singing River said it is working to process all paper-ordered lab tests and radiology exams as quickly as possible, based on priority. For now, all radiology exams are being conducted at the hospitals only.

"We are experiencing delays in getting these results returned. We will fax the results to your ordering provider as soon as possible," the hospital system said in a statement to patients.

Citing increased costs of staffing, equipment, technology and other issues, Singing River was set earlier this year for sale to another group, the Franciscan Missionaries of Our Lady Health System, according to local media reports. Singing Rivers' spokeswoman told ISMG that a sale has not yet happened.

"Mississippi also has the second-lowest overall healthcare ranking in the country, with an uninsured population significantly above the national average," which puts more financial pressures on the region's healthcare entities such as Singing River, said Toby Gouker, chief security officer for government health at risk management services firm First Health Advisory.

Mounting Cyber Pressure on Regional Healthcare

The impact of cyberattacks on smaller regional healthcare providers can be devastating. In June, a rural Illinois medical system, St. Margaret's Health, shut down permanently partly due to fallout from a 2021 ransomware incident (see: Rural Healthcare Provider Closing Due in Part to Attack Woes).

Many smaller and under-resourced health systems also tend to provide ad hoc cybersecurity programs, compounding the cyberthreats and risk they face, Gouker said. "It's imperative to adjust and improve these communication, budget and policy gaps to protect not only the business, its reputation and revenue but also patient safety and care morbidity," he said.

Earlier this month, Prospect Medical Holdings, which operates 17 hospitals in several states, including two hospitals and multiple clinics in its Eastern Connecticut Health Network, suffered a ransomware attack that forced emergency care patients to be diverted to other facilities for some time and was still causing systemwide IT outages on Thursday (see: California Hospital Chain Facing Ransom, Service Disruption).

In a statement to ISMG on Thursday, the entity said: "Prospect Medical Holdings' hospitals and affiliated providers are continuing to treat patients and our emergency departments are open. Prospect Medical physicians, nurses, and staff are trained to provide care when our electronic systems are not available. Delivering safe, quality care is our most important priority.

“Prospect Medical continues to work around-the-clock to recover critical systems and restore their integrity. We are making significant progress. Some operational systems have been fully restored and we are in the process of bringing others online. Due to the sensitivity of the incident and law enforcement involvement, we are unable to provide additional information at this time."


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.