Hospitals in New York and Oregon hit with ransomware, as new attacks mount

Three hospitals at New York’s St. Lawrence Health System were victimized by a ransomware attack, it was reported Tuesday. Meanwhile, Oregon-based Sky Lakes Medical Center also says its systems were compromised this week, as opportunistic pandemic-era ransomware incursions continue nationwide.

In New York, St. Lawrence says some computers at its three hospitals – Canton-Potsdam, Massena and Gouverneur – were attacked by ransomware early Tuesday morning, WWNY reports.

Its IT department “disconnected all systems and shut down the affected network to prevent further propagation,” the health system said in a news release. “These locations are utilizing their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively.”

HIMSS20 Digital

Learn on-demand, earn credit, find products and solutions. Get Started >>

Like other recent attacks – notably, the crippling multi-day outage at UHS hospitals around the country back in September – the ransomware was identified early on as that Ryuk variant.

Officials at St. Lawrence, which is reportedly working with the FBI and Department of Homeland Security, said that, at this stage at least, “no patient or employee data appears to have been accessed, copied, or otherwise compromised.”

Still, the New York State Department of Health noted that the health system was diverting ambulances from its hospitals as a precaution on Tuesday.

“We implement extensive IS Security controls, measures, and procedures, and are working diligently with our IS Security partners to restore IT operations as quickly as possible,” said St. Lawrence CIO Lyndon Allen in statement. “The security measures implemented immediately made it possible to contain the virus and protect our patients and staff.”

In Klamath Falls, Oregon, meanwhile, Sky Lakes Medical Center reported Tuesday that its IT systems were also brought down by a separate ransomware attack, complicating communication among staff and delaying some procedures.

“Our computer systems have been compromised; as of right now we have no evidence that patient information has been compromised,” the hospital said in a Facebook post, which noted…