Connect with us

Hi, what are you looking for?


Incident Response

Ransomware Attack Played Major Role in Shutdown of Illinois Hospital

St. Margaret’s Health in Illinois is shutting down hospitals partly due to a 2021 ransomware attack that caused serious payment system disruptions.

St. Margaret’s Health is shutting down hospitals and other facilities in Peru and Spring Valley, Illinois, and says a 2021 ransomware attack is partly to blame.

The attack occurred in late February 2021 and forced the shutdown of the Spring Valley hospital’s computer network, impacting all web-based operations, including its patient portal. The Peru branch was not affected, as it operated on a separate system.

The incident, the hospital said on social media, impacted its ability to bill patients and get paid in a timely manner for the provided services. The systems were down for more than three months.

Compounded with impact from the Covid-19 pandemic, a shortage of staff, and rising costs of goods and services, the cyberattack forced the hospital to suspend some of its services in January this year.

On June 16, St. Margaret’s Health will shut down both the Peru and Spring Valley facilities.

In a video message on social media, St. Margaret’s chairwoman Suzanne Stahl announced that OSF HealthCare will acquire the hospital in Peru, which will help pay some of the Spring Valley location’s debts.

St. Margaret’s Health will also close clinics in Henry, LaSalle and Streator and will sell other assets not included in the OSF HealthCare transaction.

St. Margaret’s Health is the first healthcare facility to link its closure to a ransomware attack, but this is not surprising, ForgeRock VP Steve Gwizdala said in an emailed comment.

“Healthcare continues to be one of the most attractive targets for cyberattackers, and the number of breaches affecting the industry is increasing each year,” Gwizdala said.

Advertisement. Scroll to continue reading.

What should be noted, KnowBe4’s Erich Kron says, is that the ransomware attack is only one of the reasons forcing the hospital to close.

“Unfortunately, while these attacks are not often the primary reason for an organization to shut down, the significant additional stress and financial impact caused by one of these attacks can be a major factor,” Kron pointed out.

Related: Idaho Hospitals Working to Resume Full Operations After Cyberattack

Related: Cyberattack Hits Major Hospital in Spanish City of Barcelona

Related: Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

Check Point Software has appointed Nadav Zafrir as Chief Executive Officer

BlackFog has named Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales

Former NSA cybersecurity chief Rob Joyce has joined Sandfly Security's Advisory Board.

More People On The Move

Expert Insights