The city of Chicago is dealing with a major cyberattack that has been ongoing for over a week at a prominent children’s hospital. This has resulted in doctors and nurses being unable to access electronic patient records and parents struggling to communicate with their children’s healthcare providers.

On Thursday, representatives from Lurie Children’s Hospital stated that they are collaborating with the FBI and other law enforcement agencies regarding a security breach. They informed reporters that an individual with a history of criminal activity was able to gain access to the hospital’s network.

After discovering the breach on January 31st, officials stated that the hospital deactivated its phone, email, and medical record systems.

Dr. Marcelo Malakooti, Lurie’s chief medical officer, stated that they are taking this issue seriously and have been diligently collaborating with external and internal specialists as well as law enforcement, including the FBI. He also mentioned that the investigation is currently ongoing.

The circumstances at Lurie Children’s Hospital displayed characteristics of a ransomware attack, although the hospital has not officially stated the cause. These types of attacks, which involve locking important data, records, or information and demanding payment for their release, are commonly used by ransomware groups to make money.

According to Allan Liska, an analyst from Recorded Future, victims are usually instructed not to identify specific criminal groups. However, based on the details provided by Lurie officials on Thursday, it appears that the operation is familiar to law enforcement in the United States.

According to Liska, ransomware groups are becoming more aggressive in targeting healthcare providers, despite the fact that many hospitals do not have enough money to pay a high ransom.

A spokesperson for the Chicago FBI declined to give additional details about the hospital’s statement. They directed The Associated Press to a statement released on Wednesday that confirmed an ongoing investigation.

Last year, the U.S. Department of Health and Human Services issued a report stating that criminals have been increasingly targeting healthcare providers, resulting in delayed or interrupted treatment for patients nationwide.

However, educational institutions, legal systems, public services, and governmental organizations have all been vulnerable.

Lurie instructed patients to utilize a call center, stating that it can assist with prescription refills, appointment discussions, and communication with healthcare providers.

“We understand the frustration and worry that this situation causes for everyone affected,” Malakooti stated on Thursday. “We are extremely thankful for the support from this community, and we are particularly impressed by the dedication and resilience of our employees in upholding our mission.”

However, some parents have expressed that the center is not adequately addressing their needs, causing families to be unsure of when they will receive answers.

According to Brett Callow, a threat analyst at Emsisoft, it often takes hospitals several weeks to fully recover from a cyberattack. During this time, they typically focus on restoring essential systems first.

According to the most recent yearly report from Lurie Children’s, the staff provided care for approximately 260,000 patients in the previous year. Pediatrician practices in the Chicago area that collaborate with the hospital have also stated that they are unable to retrieve electronic medical records due to the attack.

Source: wral.com