Ardent Health Services on Monday announced that its clinical and financial operations have been disrupted by a ransomware attack discovered on Thanksgiving morning.
The incident, the healthcare services provider says, forced it to take systems offline and suspend user access to IT applications, including corporate servers and internet and clinical programs.
“In the interim, while this incident results in temporary disruption to certain aspects of Ardent’s clinical and financial operations, patient care continues to be delivered safely and effectively in its hospitals, emergency rooms, and clinics,” the company says in an incident notice on its website.
Following the attack, Ardent and its affiliates are rescheduling procedures considered non-emergent and are diverting patients to other hospitals.
“Ardent’s hospitals are currently operating on divert, which means hospitals are asking local ambulance services to transport patients in need of emergency care to other area hospitals. This ensures critically ill patients have immediate access to the most appropriate level of care,” the company announced.
The healthcare services provider says it is working on restoring its systems and returning applications to normal operations, but could not estimate how long that would take.
Ardent also says that each hospital will evaluate its ability to provide care to critically ill patients in its emergency room, and that more information on how long they will be on divert will be provided for each of them as the situation evolves.
The healthcare company says it is still investigating the extent of the incident and that it cannot yet confirm what patient health or financial data might have been compromised.
SecurityWeek has not observed any ransomware group adding Ardent to their leak sites to take responsibility for the attack.
Based in Nashville, Tennessee, Ardent Health Services owns and operates hospitals in Idaho, Kansas, New Mexico, Oklahoma, and Texas.