Kettering Health, an Ohio-based healthcare system operating 14 medical centers and 120 outpatient facilities, suffered a **system-wide cyberattack** causing a **technology outage** due to unauthorized network access. The attack led to the **cancellation of elective inpatient and outpatient procedures**, disrupted call center operations, and exposed patients to **scam calls** (potentially linked to the breach) demanding credit card payments for fake medical expenses. While emergency rooms and clinics remained operational, the incident **delayed critical patient care**, including surgeries and treatments. The attack aligns with rising cyber threats in healthcare, where ransomware and hacking incidents frequently target sensitive medical data, disrupt operations, and exploit patient vulnerabilities. The breach’s full scope—including data exfiltration or ransomware involvement—remains under investigation, but the **operational and reputational damage** is already significant, mirroring broader industry trends like the 2024 Change Healthcare attack affecting 190 million records.
Source: https://www.cybersecuritydive.com/news/kettering-health-ohio-cyberattack/748849/
TPRM report: https://www.rankiteo.com/company/ketteringhealth
"id": "ket1452714112725",
"linkid": "ketteringhealth",
"type": "Cyber Attack",
"date": "6/2024",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Western Ohio, USA',
'name': 'Kettering Health',
'size': '14 medical centers, 120 outpatient facilities',
'type': 'Healthcare System'}],
'customer_advisories': ['Warning to patients about fraudulent payment '
'requests'],
'date_detected': '2024-XX-XXT00:00:00Z',
'date_publicly_disclosed': '2024-XX-XXT00:00:00Z',
'description': 'Kettering Health, an Ohio-based health system operating 14 '
'medical centers and 120 outpatient facilities, experienced a '
'system-wide technology outage due to unauthorized network '
'access on Tuesday morning. The incident led to the '
'cancellation of elective inpatient and outpatient procedures, '
'disrupted call center operations, and prompted scam calls to '
'patients falsely requesting credit card payments. The health '
'system’s emergency rooms and clinics remained operational. '
'Kettering is actively investigating and mitigating the '
'attack, though the link between the scam calls and the '
'cyberattack remains unconfirmed.',
'impact': {'brand_reputation_impact': ['Potential erosion of trust due to '
'scam calls and service disruptions'],
'customer_complaints': ['Reports of scam calls from patients'],
'downtime': ['Elective procedures canceled (1+ day)',
'Call center intermittently inaccessible'],
'identity_theft_risk': ['Potential (unconfirmed link to scam '
'calls)'],
'operational_impact': ['Cancellation of elective '
'inpatient/outpatient procedures',
'Scam calls targeting patients for '
'fraudulent payments',
'Disruption to non-emergency services'],
'payment_information_risk': ['Scam calls requesting credit card '
'payments (unconfirmed link to '
'breach)'],
'systems_affected': ['Electronic Health Records (EHR)',
'Call Center Systems',
'Scheduling Systems']},
'investigation_status': 'Ongoing (active investigation and monitoring)',
'motivation': ['Financial Gain',
'Disruption of Healthcare Services',
'Data Theft (Potential)'],
'references': [{'source': 'Healthcare Dive'},
{'source': 'Kettering Health Press Release'}],
'response': {'communication_strategy': ['Public press release',
'Patient advisory on scam calls'],
'containment_measures': ['Steps taken to contain and mitigate '
'unauthorized access'],
'enhanced_monitoring': ['Active monitoring of the situation'],
'incident_response_plan_activated': True,
'remediation_measures': ['Active investigation and monitoring']},
'stakeholder_advisories': ['Public statement on outage and scam calls'],
'title': 'Cyberattack on Kettering Health Disrupts Patient Care and Triggers '
'Scam Calls',
'type': ['Cyberattack', 'Unauthorized Network Access', 'Potential Ransomware']}