IT Lessons Learned from Cyber Attack on Eskenazi Health

Cyber attacks are becoming more common among businesses in all industries, especially those affecting hospitals and healthcare facilities. As more healthcare operations are transferred online through electronic health records (EHRs), there is an increased susceptibility to cybercrime, as seen in the cyber attack on Eskenazi Health.

A ransomware attack puts every aspect of the hospital in jeopardy. Not only is patient data at risk, but hospital records, intake procedures, and medical billing are all in danger, too.

One ransomware attack shut down the entire Eskenazi Health system in a matter of hours. Eskenazi detected a ransomware attack on Wednesday morning at 3:30 am and began shutting down their services and operations to prevent the malware from spreading throughout the system. By 8:00 am, they were turning away ambulances and diverting patients to alternate healthcare facilities because the hospital didn’t have access to their own electronic health records.

This ransomware attack put the lives of patients at risk, and Eskenazi Health lost the revenue they would have earned from the patients who had to be treated at nearby hospitals.

The IT lessons learned from the cyber attack on Eskenazi Health are all tied to one overarching theme: it is imperative that your business has proactive IT security measures in place to prevent cyberattacks.

What is ransomware?

Ransomware is a type of malware that encrypts files making them inaccessible. Hackers use ransomware to encrypt the data of a person or business, thus leaving the business unable to access the files they need in order to run their daily operations. Then they demand a ransom to restore access to their system, give instructions on how to pay a fee, and provide a decryption key after payment.

There are three major methods that ransomware uses to infect a business. Ransomware targets a system through phishing emails that contain a malicious attachment, a user clicking on a malicious link, or displaying an advertisement that contains malware. Anyone at a medical practice who clicks on an unknown link or attachment could put the whole practice at risk.

How Ransomware Can Impact Healthcare Businesses

During a ransomware attack, hospitals can’t function properly because of their reliance on electronic records. Doctors use electronic records to access patient information, communicate with other specialists, and document treatment and prescriptions. 

Trying to function without access to patient information and documenting treatment is impossible. It puts patients at risk.

Besides patient records, practice management and medical billing are all done electronically and are attractive kinds of data to a cybercriminal. The ransomware attack eliminates a practice’s ability to schedule patients, check insurance eligibility, and create bills for service.

Because a ransomware attack compromises the security of the system, hackers not only kick you out of your own programs, but they can gain access to confidential patient data including financial information, health records, and personal information. This creates a headache for the healthcare practice to increase the security of patient data, restore patient confidence and remain HIPAA compliant.

Protect Against Cyber Attacks

Taking control of your IT security can drastically reduce the opportunity for ransomware and other cyber attacks. You can protect against ransomware by properly securing networks, systems, and end users. 

Make sure you keep your anti-virus current and implement proper email filtering. Maintain up-to-date backups and store files offline to protect against ransomware attacks with an IT company.

Partner with AxiaTP to defend against cybersecurity attacks. Our managed IT services allow your healthcare business to focus on treating patients instead of staying preoccupied with IT security. Our team will continuously monitor your system to reduce downtime and prevent cyberattacks.


Let’s align your IT strategy to your business goals! Get in touch with AxiaTP today.