Signature Healthcare EHRs, Patient Portal Offline; Some Cancer Care Cancelled
A Southeastern Massachusetts healthcare system is diverting ambulance patients and operating under downtime procedures as it deals with a cyberattack discovered on Monday. The organization has also temporarily canceled certain cancer treatments, taken its electronic health records and patient portal offline, and is unable to fill prescriptions at its retail pharmacies.
See Also: AI Impersonation Is the New Arms Race—Is Your Workforce Ready?
Brockton, Mass.-based Signature Healthcare, which includes a medical group employing 150 physicians in 15 care locations in the region and the 216-bed Signature Healthcare Brockton Hospital, said on Tuesday that its inpatient care and walk-in emergency services remain open but ambulance traffic is still being diverted as it respond to the incident.
Surgeries and certain procedures, including endoscopy, are continuing as scheduled. But chemotherapy infusion services for cancer patients are temporarily canceled.
“Signature Medical Group and urgent care practices are open; patients may experience some delays.” The organization’s patient portal on Tuesday was unavailable and its electronic health records systems offline. The entity’s two retail pharmacies were open for consultation, but unable to fill prescriptions.
The cyberattack is not the first major disruption Signature Healthcare has faced in recent years. Signature Healthcare’s Brockton Hospital, which is located about 35 miles south of Boston and is affiliated with Beth Israel Deaconess Medical Center in Boston, was completely closed for about 18 months after a devastating electrical fire in February 2023.
Before it reopened in August 2024, the community hospital – which has been operating for more than 125 years – rebuilt its outpatient surgical facility, updated its emergency department and implemented other improvements.
Non-profit Signature Healthcare treats about 70,000 patients in the region annually. The organization did not immediately respond to ISMG’s request for additional details about the cyber incident.
Signature Healthcare is among other regional hospitals and healthcare provider organizations hit with disruptive cyberattacks in recent weeks and months. That included incidents that also involved data theft.
In February, a cyberattack forced the University of Mississippi Medical Center’s to temporarily close three dozen of healthcare clinics throughout the state and cancel elective procedures as Mississippi’s only academic health science center responded to a ransomware attack (see: Mississippi Medical Center, Clinics Still Closed After Attack).
That attack affected UMMC’s Epic electronic health records, phone and other IT systems for more than a week. Russian-speaking cybercriminal gang Medusa claimed on its dark website to have published data stolen from UMMC in the attack, including internal financial records, patient and employee information.
Last week, Texas-based Nacogdoches County Hospital District – which operates under the name Nacogdoches Memorial Hospital – disclosed it was notifying more than 257,000 people that their personal information was potentially compromised in January cyberattack on the entity (see: Breach Roundup: Feds Confirm ‘Major’ Hack on FBI System).