Fraud Management & Cybercrime , Healthcare , Industry Specific

Tennessee Medical Clinic Patient Services Hampered by Attack

'Sophisticated Criminal Attack' Included Effort to Steal Data, Entity Says
Tennessee Medical Clinic Patient Services Hampered by Attack
Murfreesboro Medical Clinic & SurgiCenter in Tennessee is still recovering from an April 22 cyberattack that forced it to take its IT systems offline. (Image: MMC)

A Tennessee medical clinic and surgery center is struggling to fully recover two weeks after an April 22 cyberattack that included an attempt to steal data forced it to take its IT systems offline and cancel most patient services.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

As of Friday, Murfreesboro Medical Clinic & SurgiCenter resumed sick visit services at some of its walk-in clinics but is still canceling most well-care visits, as well as surgeries and laboratory and radiology services.

The Murfreesboro, Tennessee, clinic has 130 healthcare providers, seven locations and 900 employees. It is attempting to triage other more urgent care, such as visits with expectant parents and new babies, a clinic spokeswoman told Information Security Media Group.

The clinic is working with IT security experts and law enforcement in the investigation and recovery process, she said. "We're working around the clock to get all our systems back up." The healthcare provider does not yet know when it can expect to have all its IT systems and patient services restored, she added.

"Preserving sensitive patient and employee information is of the utmost importance to MMC, but like so many other organizations around the country and despite its best efforts, MMC has found itself as the target of criminals attempting to steal personal or company data," clinic CEO Joey Peay said in a Tuesday statement.

The MMC spokeswoman declined to say whether the cyberattack involved ransomware or a ransom demand from attackers.

The clinic said patients and employees should monitor their personal data for any misuse despite no direct evidence that hackers accessed or stole information.

MMC is among a growing group of healthcare sector entities targeted by cyberattacks, especially ransomware.

The top threat that federal authorities are keeping a close eye on in the healthcare sector is ransomware, U.S. Cybersecurity and Infrastructure Security Agency Deputy Director Nitin Natarajan told Information Security Media Group during a recent interview.

"The potential to click on anything and to have that widespread impact across the IT systems in a healthcare facility, potentially resulting in ER diversions and patient safety issues, has us very concerned about stopping ransomware attacks across the healthcare sector."

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.