New Jersey health system says outages are likely result of cyber attack

The health system said it is prioritizing surgeries based on urgency.

November 30, 2023, 2:24 PM

A New Jersey health system says it's the latest health care organization in the U.S. to be the victim of a cyberware attack.

Capital Health -- which operates hospitals in Trenton and Pennington as well as primary care offices across the state -- said it had been experiencing network outages that it now believes was a "cybersecurity incident."

In a statement on its webpage, the health system said it became aware of the incident earlier this week and immediately notified law enforcement and outside forensic and information technology experts.

Capital Health said it's unclear if any data has been exposed, including patient, employee or financial data.

The system said there are some disruptions to services. Outpatient radiology is not available and neurophysiology and non-invasive cardiology testing appointments are being rescheduled. Additionally, surgeries are being prioritized based on urgency and the patient's condition.

"Capital Health continues to make safely delivering patient care our highest priority," the health system said in a statement. "All Capital Health ERs remain open to those needing emergency care and our teams continue to provide the appropriate treatment for their medical condition."

PHOTO: A computer hacker is pictured in an undated stock image.
A computer hacker is pictured in an undated stock image.
STOCK IMAGE/Getty Images

Capital Health did not immediately reply to ABC News' request for comment but did tell local affiliate WPVI-TV it is working to resolve the incident.

"We are prioritizing safe patient care while working to restore the network and address the impact of this disruption," the statement read.

Rob D'Ovidio, an associate professor of criminology and justice studies, at Drexel University, who researches computer and high technology crime, said the goal of these cyberware attack is to seek a payout.

"This is purely a financial play here by the criminals and what we've seen over the past few years with these types of attacks -- there's an organized crime group behind it," D'Ovidio told WPVI-TV.

He said these attacks are generally ransomware attacks, in which a user or organization is blocked access to files and must pay for a decryption key to receive access again.

This is the second time in the last week that a health system has been the victim of a ransomware attack.

Hospitals run by Ardent Health Services -- including two in New Jersey -- were forced to divert ambulances to other area hospitals and cancel some non-elective procedures after the organization discovered the ransomware attack on Thanksgiving Day.

Additionally, hospitals run by private-equity firm Prospect Medical Holdings, were hit with a cyberware attack in August that affected affiliates as well.

One of those hospitals, Waterbury Hospital in Connecticut, wrote about the incident that "disrupted operations" in a Facebook post.

'All systems were taken offline to protect them, and an investigation was launched with the help of cybersecurity specialists," the post read.

CharterCARE Health Partners, a Rhode Island affiliate, also posted on Facebook about the data breach and said it had to "reschedule appointments" and was using "paper records" until the incident was resolved.

Related Topics