Latest news with #JohnWeimer
Yahoo
04-06-2025
- Health
- Yahoo
Ransomware gang claims responsibility for Kettering Health hack
A ransomware gang claimed responsibility for the hack on Kettering Health, a network of hospitals, clinics, and medical centers in Ohio. The healthcare system is still recovering two weeks after the ransomware attack forced it to shut down all its computer systems. Interlock, a relatively new ransomware group that has targeted healthcare organizations in the U.S. since September 2024, published a post on its official dark web site, claiming to have stolen more than 940 gigabytes of data from Kettering Health. CNN first reported on May 20 that Interlock was behind the breach on Kettering Health. At the time, however, Interlock had not publicly taken credit. Usually, that can mean the cybercriminals are attempting to extort a ransom from their victims, threatening to release stolen data. The fact that Interlock has now come forward could indicate that the negotiations have gone nowhere. Do you have more information about Kettering Health's ransomware incident? Or other ransomware attacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. Kettering Health's senior vice president of emergency operations, John Weimer, previously told local media that the healthcare company had not paid the hackers a ransom. TK, a spokesperson for Kettering Health, did not provide comment when reached by TechCrunch on Wednesday. Interlock did not respond to a request for comment sent to an email address listed on its dark web site. A brief review of some of the files Interlock published on its dark web site appears to show the hackers were able to steal an array of data from Kettering Health's internal network, including private health information, such as patient names, patient numbers, and clinical summaries written by doctors, which include categories such as mental status, medications, health concerns, and other categories of patient data. Other stolen data includes employee data and the contents of shared drives. One of the folders contains documents, such as background files, polygraphs, and other private identifying information of police officers with Kettering Health Police Department. On Monday, Kettering Health published an update on the cyberattack, saying the company was able to restore 'core components' of its electronic health record system, which is provided by Epic, a healthcare software company. The company said this was 'a major milestone in our broader restoration efforts and a vital step toward returning to normal operations' that allows it to 'to update and access electronic health records, facilitate communication across care teams, and coordinate patient care with greater speed and clarity.' Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
TechCrunch
03-06-2025
- Health
- TechCrunch
Health giant Kettering still facing disruption weeks after ransomware attack
Kettering Health, a network with dozens of medical and emergency centers in Ohio, is still working to recover and return to normal operations two weeks after a ransomware attack prompted 'a system-wide technology outage.' On Monday, Kettering Health said in an update that it had restored 'core components' of its electronic health record system provided by Epic, which re-established the company's 'ability to update and access electronic health records, facilitate communication across care teams, and coordinate patient care.' A patient who said they frequently rely on Kettering Health told TechCrunch that they and others cannot call into doctors' offices, are having trouble getting medication refills, and some emergency rooms are closed. 'Everything is being done by hand pen and paper,' the patient said. Contact Us Do you have more information about Kettering Health's ransomware incident? Or other ransomware attacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information about Kettering Health's ransomware incident? Or other ransomware attacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . Others say they are having to deal with these issues on local subreddits. In a post on the Dayton, Ohio, subreddit, for example, a patient said they were having trouble refilling medication, without which they risked having 'a withdrawal seizure,' and couldn't call their doctor because phone lines were down. Another person wrote over the weekend that 'everything is still on paper, no computers and spotty phone service.' 'I'd avoid using Kettering right now if possible,' they wrote. Another user said that 'ambulances are still avoiding Kettering because they have to wait too long to dump patients due to paper charting and label making.' Others said they had their MRIs, cancer followups, tests before open-heart surgery, and chemotherapy sessions cancelled. Last week, Kettering Health's senior vice president of emergency operations John Weimer told a local TV station that the healthcare company believed the incident was a ransomware attack, and that it had not paid a ransom. 'As soon as this was realized, we did shut down our IT infrastructure, which essentially means we shut off our door to the world,' Weimer told WLWT Cincinnati. A spokesperson for Kettering Health did not respond to a series of questions from TechCrunch, including whether the hackers exfiltrated data, and if so, what kinds of data were taken. 'Your network was compromised, and we have secured your most vital files,' said the ransom note from the hackers, according to CNN. The news network reported that the attack was carried out by a gang called Interlock. The ransomware gang has not yet publicly taken credit for the cyberattack, suggesting the hackers may still be attempting to negotiate a ransom payment. Kettering is the latest in a series of healthcare companies targeted by hackers, both with ransomware and other types of malware. In 2024, a ransomware attack on UnitedHealth-owned health tech company Change Healthcare became the worst healthcare breach in U.S. history. Change Healthcare confirmed in January 2025 that the breach impacted 190 million people across the United States. Also last year, U.S. healthcare giant Ascension disclosed that hackers had stolen 5.6 million patient records in a ransomware attack. Healthcare news website HIPAA Journal called 2024 'an annus horribilis for healthcare data breaches,' with a record number of patients' stolen data. Kettering Health spokesperson Claire Myree acknowledged but did not respond to TechCrunch's request for comment.
Yahoo
29-05-2025
- General
- Yahoo
Kettering Health emergency depts. ‘fully operational'
DAYTON, Ohio (WDTN) — In a statement emailed Wednesday night, Kettering Health said all its emergency departments were no longer diverting patients. Its ERs are now accepting walk-ins as well as those transported by ambulance. Cyberattack a gut-punch to Kettering Health patients, staff 'This is another great milestone in our recovery process,' said John Weimer, Kettering Health senior vice president and leader for incident command. 'Our teams have worked incredibly hard to bring imaging up, so we could end diversion in our emergency departments.' The health care provider is slowly bringings systems impacted by last week's cyberattack back online. Staff and technicians worked across Memorial Day weekend to bring its Radiation Oncology department back online. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Yahoo
29-05-2025
- Business
- Yahoo
Kettering Health fully restores emergency operations after cyberattack
All Kettering Health emergency departments are now fully operational following a cyberattack that took its systems offline, according to a statement from the Dayton-based hospital group's website. John Weimer, Kettering Health senior vice president and leader for incident command, said in a statement that emergency rooms at Kettering Health locations are now accepting both walk-in patients and those transported by first responders. 'This is another great milestone in our recovery process. Our teams have worked incredibly hard to bring imaging up, so we could end diversion in our emergency departments,' Weimer said. The hospital group confirmed May 20 it was experiencing a cybersecurity attack due to unauthorized access to its network, according to a statement on Kettering Health's website. Kettering Health first announced it was experiencing a system-wide technology outage around 10:30 a.m. that morning, limiting its ability to access "certain patient care systems" across the organization. All elective inpatient and outpatient procedures at its facilities were canceled. Since the initial outage on May 20, teams across Kettering Health continue to restore all technology systems in the aftermath of unauthorized access that caused the cyberattack, according to their website. 'We're incredibly grateful to our community partners," Weimer said. "Especially GDAHA and Premier Health, for their support and to our own caregivers and staff who continue to develop temporary measures to boost our recovery and return to normal procedures." This article originally appeared on Cincinnati Enquirer: Emergency operations restored at Kettering Health after cyberattack
