St. Margaret’s Health is shutting down hospitals and other facilities in Peru and Spring Valley, Illinois, and says a 2021 ransomware attack is partly to blame.
The attack occurred in late February 2021 and forced the shutdown of the Spring Valley hospital’s computer network, impacting all web-based operations, including its patient portal. The Peru branch was not affected, as it operated on a separate system.
The incident, the hospital said on social media, impacted its ability to bill patients and get paid in a timely manner for the provided services. The systems were down for more than three months.
Compounded with impact from the Covid-19 pandemic, a shortage of staff, and rising costs of goods and services, the cyberattack forced the hospital to suspend some of its services in January this year.
On June 16, St. Margaret’s Health will shut down both the Peru and Spring Valley facilities.
In a video message on social media, St. Margaret’s chairwoman Suzanne Stahl announced that OSF HealthCare will acquire the hospital in Peru, which will help pay some of the Spring Valley location’s debts.
St. Margaret’s Health will also close clinics in Henry, LaSalle and Streator and will sell other assets not included in the OSF HealthCare transaction.
St. Margaret’s Health is the first healthcare facility to link its closure to a ransomware attack, but this is not surprising, ForgeRock VP Steve Gwizdala said in an emailed comment.
“Healthcare continues to be one of the most attractive targets for cyberattackers, and the number of breaches affecting the industry is increasing each year,” Gwizdala said.
What should be noted, KnowBe4’s Erich Kron says, is that the ransomware attack is only one of the reasons forcing the hospital to close.
“Unfortunately, while these attacks are not often the primary reason for an organization to shut down, the significant additional stress and financial impact caused by one of these attacks can be a major factor,” Kron pointed out.