From UT Health East Texas
An undated file photo from UT Health Tyler, part of the UT Health East Texas network, in Tyler, Texas.
CNN –
A network of hospitals in East Texas has been unable to admit ambulances to emergency rooms since Thanksgiving due to a “potential.” [cyber]security incident,” a hospital spokesperson told CNN on Friday.
The UT Health East Texas hospital network is operating under “established downtime procedures” while the hospital investigates “a potential security incident” and works to bring computers back online, spokeswoman Allison Pollan said in an email.
Pollan did not respond to subsequent phone calls requesting more information about the incident and the hospitals’ response. She declined to answer further questions via email.
Headquartered in Tyler, Texas, UT Health East Texas operates 10 hospitals and more than 90 clinics in the region, providing health care to thousands of patients annually, according to its LinkedIn page.
The East Texas health system is just the latest hospital group forced to turn away ambulances due to an apparent cybersecurity incident. In the last nine months alone, ambulances have been diverted by cyberattacks from hospitals in Connecticut, Florida, Idaho and Pennsylvania.
The cyber incident at UT Health East Texas began Thursday when the hospital network “became aware of a network outage,” prompting it to suspend its network, the hospital network’s statement to CNN said.
The hospital network originally said Thursday it expected computer networks to be restored “in the next 24 to 36 hours,” but it is unclear whether that will happen.
Officials at the Department of Health and Human Services and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — two federal agencies tasked with helping hospitals defend against hackers — did not immediately respond to requests for comment. The FBI, which also responds to hospital hacks, did not initially comment.
Federal officials and operators of critical infrastructure like hospitals and power plants are particularly wary of the threat of ransomware and other cyberattacks during long holiday weekends, when many Americans have time off — and cybersecurity teams may be overwhelmed.
Since the coronavirus pandemic began in 2020, cyberattacks have knocked hundreds of healthcare providers across the U.S. offline. Healthcare organizations often do not have the cybersecurity resources to deal with the threats.
The problem persists despite greater attention from health groups and federal officials. CISA last week released a detailed cybersecurity plan to protect hospitals from hacks.
There were 209 publicly reported ransomware attacks on U.S. healthcare organizations in 2023, up from 162 attacks in 2022, Allan Liska, a ransomware expert at cybersecurity firm Recorded Future, told CNN on Friday.