Two New Jersey hospitals are still turning away new patients after a ransomware attack potentially compromised patient information.
The cyberattack impacted hospitals under the Ardent Health Services umbrella. New Jersey's Hackensack Meridian Mountainside Medical Center in Montclair and Hackensack Meridian Pascack Valley Medical Center in Westwood, both continue to divert patients to nearby ERs.
News 12 New Jersey spoke with cyber expert Scott Schober, of Berkeley Varitronics Systems. He says cyberattacks are becoming more common and hospitals are likely targets as they continue to migrate from paper to digital. Cyberattacks can promise big paydays for criminals operating on the dark web .
"They’re after the money, so something such as hospital data is actually about five times more valuable than our personal data. When they focus a cyberattack on a hospital, imagine getting five times the return. So the average hospital is paying out upwards of $1.5 million in ransom,” Schober says.
A representative for the New Jersey hospitals affected commented on the issue Monday afternoon.
"As we work to assess the impact of this outage and restore access, we are following established downtime protocols. As a precaution, our Emergency Rooms are currently on divert status,” the spokesperson wrote.
Ardent Health Services took its network offline and suspended all user access to its information technology apps. Affected hospitals are also rescheduling non-emergency and elective procedures until systems are back online. Schober says it’s important to back up data.
"If you back up your data on a regular basis, you’re much safer. Why? Because if your systems, your networks and your computers are now encrypted, you can’t access them. You can actually wipe them off and revert to your backup but if you don’t have a backup to revert to, you’re in trouble,” he says.
According to a spokesperson for Hackensack Meridian, no other hospitals were impacted, because they use a separate network. Ardent Health Services says it’s still unclear the full impact of this event, what data was compromised and how long it will take to fix.