Regional Health Provider Struggling Weeks After Ransomware Attack

A regional healthcare provider in Ohio is still struggling to recover from a ransomware attack that triggered a system-wide technology outage more than two weeks ago, TechCrunch reports.

While “core components” of its Epic electronic health record (EHR) system have been restored, major disruptions persist across facilities, including closed emergency rooms, inaccessible phone lines, and widespread reliance on manual processes.  

“Everything is being done by hand — pen and paper,” said one patient, who also reported problems contacting doctors and refilling prescriptions.

Patients took to social media to share their experiences. One person wrote they risked “a withdrawal seizure” due to being unable to reach their doctor for a medication refill. Another said, “ambulances are still avoiding [the provider] because they have to wait too long to dump patients due to paper charting and label making.”  

Reports also mention canceled MRIs, cancer follow-ups, pre-op testing for open-heart surgery, and chemotherapy sessions.

The organization’s emergency operations lead confirmed it was a ransomware attack and stated that no ransom had been paid. The attack is attributed to the Interlock ransomware gang, though no public claim has been made.

Takeaway: Ransomware is designed to hurt—to disrupt operations, to create chaos, to squeeze victims for cash when they’re in their most desperate hour.  

But when that chaos hits a hospital, it’s not just some IT headache or an inconvenient return to pen and paper, it’s a public health crisis. You’re talking about delayed treatments, canceled surgeries, and patients who can’t get the care they need. This isn’t just disruption measured in dollars; it’s collateral damage measured by impacted lives.

What’s happening at this regional healthcare provider in Ohio isn’t just about downtime or IT scrambling to reboot systems. Real patients are paying the price. Missed chemo. Canceled MRIs. ERs closed. People begging for medication refills.  

And this isn’t hypothetical. Research shows ransomware attacks are tied directly to increased patient deaths and more complications during treatment. One study found death rates for hospitalized Medicare patients spiked by 33% at ransomware-hit facilities. Between 2016 and 2021, these attacks were linked to as many as 67 patient deaths.

And it doesn’t stop at the target. There's a blast radius. When one hospital goes dark, nearby providers are forced to absorb the overflow without extra staff, space, or resources. ERs get crushed, wait times explode, and even patients with unrelated emergencies suffer.

This is what we’re up against. Ransomware isn’t just an IT problem, it’s a patient care problem. It’s about life and death. And until we treat it like the existential threat it is, we’re going to keep seeing hospitals buckle under the weight of attacks they’re not equipped to handle.

Lives are literally on the line when ransomware hits healthcare and critical infrastructure, but you’d never know it by looking at our collective response. Until we start treating these attacks like the national security emergencies they are, we’re signaling to the threat actors that even when people are dying, we still don’t know how to effectively respond.

Halcyon.ai eliminates the business impact of ransomware. Modern enterprises rely on Halcyon to prevent ransomware attacks, eradicating cybercriminals’ ability to encrypt systems, steal data, and extort companies – talk to a Halcyon expert today to find out more, and check out our quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.