One Brooklyn Health Not Over November Cyber IncidentOrganization's 3 Hospitals Are Regaining Use of Various Critical Services, CEO Says
New York-based One Brooklyn Health is slowly recovering from a cybersecurity incident detected on Nov. 19 that disrupted a variety of digital systems at its three safety-net hospitals and other care facilities.
One Brooklyn CEO LaRay Brown said in a Wednesday statement to Information Security Media Group that the organization has made "considerable progress" in its investigation and remediation.
The organization, which includes three Brooklyn hospitals, two nursing homes and an assisted living program, continues to work with third-party advisers, including cybersecurity experts, to ensure that its systems are brought back online "as quickly and safely as possible, in a way that prioritizes patient care," Brown said.
"There have been no patient harm resulting from IT systems being offline," she added.
One Brooklyn continues to be in regular communication with the New York State Department of Health and other regulatory agencies to share "pertinent updates" in the investigation and restoration process for the incident. "We have also notified law enforcement and continue to work with them as appropriate," Brown said.
Neither the New York state governor's office nor the health department immediately responded to ISMG's request for comment on the One Brooklyn cyber incident.
As of Wednesday, a variety of clinical applications had been restored, including those used for imaging and other critical services, and access to "a significant number" of workstations for staff use has also been restored.
"We anticipate the restoration of additional high-priority applications in the coming days. Importantly, patient care has not been impacted as a result of this incident."
Brown did not immediately respond to ISMG's inquiries regarding the type of cyber incident One Brooklyn experienced and whether it involved ransomware or a data breach.
Ransomware is a mounting threat for the healthcare industry, which attracts cybercriminals by having quantities of sensitive data, an often-earned reputation for poor cybersecurity and the perception that most physicians would rather pay the ransom than disrupt medical care.
Entities should contact the FBI as soon as they're hit by a cyber incident because, depending on the details, such as ransomware variant, the bureau can sometimes provide a decryptor, said FBI special agent William McDermott during a presentation at the HIMSS cyber forum in Boston this week.
"We won't show up in FBI raincoats. We come in low-key," he said. Much of the FBI's support for dealing with the incidents is also provided remotely.
"We will never announce that you called us," McDermott said.