SCRANTON, Pa. — The Lehigh Valley Health Network has been hit with a cybersecurity attack.
Officials with the health care network say they found unauthorized activity in their system on February 6.
Officials say the ransomware gang known as BlackCat launched the attack on the network supporting the Delta Medix practice in Scranton.
Lehigh Valley Health Network says the attack hasn't disrupted its operations, but officials are taking this very seriously.
In a statement, the president and CEO said:
Lehigh Valley Health Network (LVHN) has been the target of a cybersecurity attack by a ransomware gang, known as BlackCat, which has been associated with Russia. As of today, the attack has not disrupted LVHN's operations. Based on our initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. We take this very seriously and protecting the data security and privacy of our patients, physicians and staff is critical.
On February 6, LVHN detected unauthorized activity within our IT system. Our Technology team identified the unauthorized activity, and we immediately launched an investigation, engaged leading cybersecurity firms and experts, and notified law enforcement. We are continuing to work with our experts to investigate the scope of the incident and as of today, we continue to operate normally.
Although our investigation is ongoing, as of today, our initial analysis shows that the incident involved a computer system used for clinically appropriate patient images for radiation oncology treatment and other sensitive information. BlackCat demanded a ransom payment, but LVHN refused to pay this criminal enterprise. We understand that BlackCat has targeted other organizations in the academic and health care sectors.
We are continuing to work closely with our cybersecurity experts to evaluate the information involved and will provide notices to individuals as required as soon as possible. Attacks like this are reprehensible and we are dedicating appropriate resources to respond to this incident.
Mehmet Bastug is a professor in the criminal justice department at the University of Scranton. Bastug specializes in cybersecurity and cybercrimes. He says health care groups are some of the top targets for cyberattacks.
"The data is more important for them to continue operations. For health care industries, if a doctor cannot access a patient's health chart, they may not be able to perform surgeries or other procedures."
Bastug says cyberattacks are becoming common enough that businesses are trying to protect themselves by taking precautionary steps.
"They may back up their data. Even if the data is encrypted, they can back up the data. It may reduce the risk of ransomware attacks," Bastug said. "The best way to protect your network also includes raising awareness and employee training."
See news happening? Text our Newstip Hotline.