Share this article on:
Southern Ohio Medical Center (SOMC) in Portsmouth, OH, is recovering from a cyberattack that occurred on the morning of Thursday, November 11, 2021. The attack forced the hospital to go on diversion and direct ambulances to other healthcare facilities. The hospital also had to cancel some appointments and outpatient services.
“This morning, an unauthorized third-party gained access to SOMC’s computer servers in what appears to be a targeted cyberattack. We are working with federal law enforcement and Internet security firms to investigate this incident” explained SOMC in a Facebook post on Thursday. “Patient care and safety remain our top priority as we work to resolve this situation as quickly as possible. While this does not impact our ability to provide care to current inpatients, we are presently diverting ambulances to other hospitals.”
The 248-bed not-for-profit hospital came off diversion on Friday morning, although it has not yet been able to return to full operations. Law enforcement has been informed and a third-party cybersecurity company has been engaged to investigate the breach and determine the nature and scope of the attack.
The attack took its electronic medical record system offline, with staff forced to revert to pen and paper to record patient information. Outpatient medical imaging, cancer care services, cardiovascular testing, cardiac catheterization, sleep lab, and outpatient surgery and rehab have all experienced disruption due to the lack of access to computer systems and data.
No information has been provided on the nature of the cyberattack and whether ransomware was involved. At such an early stage of the investigation, it is unclear if any patient information was accessed or exfiltrated from the affected servers during the attack.
The hospital said it will continue to assess the situation and will be providing updates as and when they are available.