Yale New Haven Health experienced a cybersecurity incident over the weekend that disrupted IT services across its health system. The organization identified the issue promptly and engaged Mandiant, a cybersecurity firm, to investigate. While the incident did not compromise patient care, electronic medical records, or the patient portal, it caused intermittent internet and application connectivity problems, leading to delays and operational disruptions. Phone and internet connection issues impacted administrative workflows, requiring teams to rebuild access to critical programs. The organization notified federal authorities and assured staff, patients, and the community that updates would be provided as the situation evolved. The focus remains on restoring full system access while minimizing inconvenience to patients and staff.
TPRM report: https://www.rankiteo.com/company/yale-new-haven-health-system
"id": "yal0952809102725",
"linkid": "yale-new-haven-health-system",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'healthcare',
'location': 'Connecticut, USA',
'name': 'Yale New Haven Health',
'type': 'healthcare system'}],
'customer_advisories': ['updates provided to patients as appropriate'],
'date_detected': '2023-10-14T00:00:00Z',
'date_publicly_disclosed': '2023-10-16T00:00:00Z',
'description': 'Yale New Haven Health is investigating a cybersecurity '
'incident over the weekend that disrupted IT services across '
'its health system. The incident caused intermittent internet '
'and application connectivity issues, though patient care, the '
'patient portal, and electronic medical records remained '
'unaffected. The organization is working with Mandiant to '
'investigate and has notified federal authorities. Phone and '
'internet connection issues have impacted patient care '
'operations, and teams are actively rebuilding access to '
'affected programs.',
'impact': {'brand_reputation_impact': 'potential (due to service delays)',
'downtime': 'intermittent (ongoing as of disclosure)',
'operational_impact': ['phone and internet connection delays',
'limited access to certain programs'],
'systems_affected': ['IT services',
'internet connectivity',
'application access',
'phone systems']},
'investigation_status': 'ongoing (with Mandiant)',
'references': [{'date_accessed': '2023-10-16T00:00:00Z',
'source': 'Stream Connecticut News'}],
'regulatory_compliance': {'regulatory_notifications': ['federal authorities '
'(unspecified)']},
'response': {'communication_strategy': ['public statement',
'updates to staff and patients as '
'appropriate'],
'containment_measures': ['mitigation efforts by digital and '
'technology solutions team'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['restoring full system access'],
'remediation_measures': ['rebuilding access to programs'],
'third_party_assistance': ['Mandiant (cybersecurity firm)']},
'stakeholder_advisories': ['public apology for inconvenience',
'request for patience from staff, patients, and '
'community'],
'title': 'Cybersecurity Incident at Yale New Haven Health Affecting IT '
'Services',
'type': ['IT service disruption', 'cybersecurity incident']}