US-based healthcare provider Kettering Health was forced to cancel patient appointments following a cyber attack which caused a company-wide outage.
Kettering Health operates 14 medical centers and over 100 outpatient locations across the state of Ohio. In a statement confirming the outage on Tuesday 20th, the non-profit said the attack severely impacted call center operations and a number of patient care systems.
“Elective inpatient and outpatient procedures at Kettering Health facilities have been canceled for today Tuesday, May 20,” the company said.
“These procedures will be rescheduled for a later date and more information will be provided on this as updates are available. In addition, our call center is experiencing an outage and may not be accessible.”
In the wake of the attack, Kettering Health warned patients to be wary of potential phishing scams as threat actors look to capitalize on the disruption.
The provider told patients to never share financial details in the event they are contacted and report any cases to law enforcement.
"While it is customary for Kettering Health to contact patients by phone to discuss payment options for medical bills, out of an abundance of caution, we will not be making calls to ask for or receive payment over the phone until further notice," the firm said.
Who’s behind the Kettering Health attack?
According to reports from CNN, the Interlock ransomware group has claimed responsibility for the attack, with the group threatening to leak stolen information if it fails to pay a ransom.
"Your network was compromised, and we have secured your most vital files," read a ransom note seen by reporters at the publication.
Interlock is a relatively new ransomware group, but has quickly risen to prominence since first bursting onto the scene in late 2024. Rebecca Moody, head of data research at Comparitech, said the group first began adding victims to its data leak site in October 2024.
“As with most ransomware gangs today, it seeks a ransom payment for the decryption of systems and the deletion of stolen data,” she said.
Moody added that since October last year, Comparitech has tracked 16 confirmed attacks by the group and an additional 17 unconfirmed attacks that “haven’t been acknowledged by the organizations in question”.
The company has previously targeted healthcare organizations in the US, having claimed responsibility for a breach on DaVita, a kidney care provider that operates across the United States.
Most recently, Interlock was identified as the group behind an attack on a local authority’s school networks in Scotland. The local council for West Lothian, which is located on the outskirts of Edinburgh, confirmed the attack earlier this week.
The group has since leaked 3.3 million files on the dark web, according to reports from Edinburgh-based publication, Futurescot.
MORE FROM ITPRO
- US healthcare data breaches are out of control
- More than 300,000 US healthcare patients impacted in suspected Rhysida cyber attacks
- NHS England launches cyber charter to shore up vendor security practices
-
Millennials are leading the charge on AI skills developmentNews Workday research suggests mid-career workers are largely on board with upskilling to take advantage of AI
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
US healthcare data breaches are out of control – over 400 million patient records have been exposed in the last two yearsNews There's been a huge surge in the number of healthcare data breaches in recent years
-
More than 5 million Americans just had their personal information exposed in the Yale New Haven Health data breach – and lawsuits are already rolling inNews A data breach at Yale New Haven Health has exposed data belonging to millions of people – and lawsuits have already been filed.
-
Healthcare organizations are turning a blind eye to phishing attacksNews A survey reveals that most attacks go unreported, putting patient data at risk
-
Healthcare systems are rife with exploits — and ransomware gangs have noticedNews Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
More than 300,000 US healthcare patients impacted in suspected Rhysida cyber attacksNews Two US healthcare organizations have warned threat actors were able to breach their internal systems, exposing more than 300,000 individuals.
-
‘It’s your worst nightmare’: A batch of €5 hard drives found at a flea market held 15GB of Dutch medical records – and experts warn it could’ve caused a disastrous data breachNews Robert Polet made a startling discovery after finding hard drives on sale for €5 each in a flea market.
-
Cyber attack delayed cancer treatment at NHS hospitalNews A cyber attack at Wirral University Teaching Hospital in 2024 delayed critical cancer treatment for patients, documents show.
-
Healthcare data breaches are out of control – here's how the US plans to beef up security standardsNews Changes to HIPAA security rules will require organizations to implement MFA, network segmentation, and more
