Cyber attack disrupts cancer care

42 health care sites nationwide affected, including an Atlanta hospital
Emory Saint Joseph’s Hospital was among the health care providers nationwide affected by a cyberattack involving medical equipment.

Emory Saint Joseph’s Hospital was among the health care providers nationwide affected by a cyberattack involving medical equipment.

Some cancer patients across the U.S. saw their high-tech radiation treatment delayed or disrupted in recent days after a medical systems company with U.S. headquarters in Dunwoody suffered a cyberattack.

Elekta, a Swedish company with global headquarters in Stockholm, provides precision cancer radiation treatment software to some of the most prestigious health care facilities in the country. Yale New Haven Health System was among those whose cancer care machines went down over the last week due to the breach, only coming back online this Monday, a Yale spokesman said.

In Georgia, Emory Healthcare also confirmed that some of its patients at Emory St. Joseph’s Hospital were shifted to other Emory hospitals following the breach of Elekta’s software for linear accelerators used in radiation therapy. St. Joseph’s is Emory’s only hospital that uses Elekta, a spokeswoman said.

“Emory Healthcare takes this event very seriously,” said the spokeswoman, Janet Christenbury.

A cancer patient at Emory Healthcare told The Atlanta Journal-Constitution that his radiation treatment scheduled for last week was suddenly rescheduled due to computer server issues. The patient did not want his name used to protect the privacy of his treatment and said he did not know the name of his radiation system.

“It’s stressful enough” to have cancer treatment, the patient said. And then “to have to deal with this.”

The patient’s treatment is expected to resume this week.

About 42 health care sites across the U.S. saw service disrupted as a result of the breach, a spokesman for Elekta said.

“We are doing everything we can to get impacted customers up and running,” Mattias Thorsson, Elekta’s vice president of corporate communications, said in an email. “We are working with each customer to find a solution that works for them to get them treating as soon as possible, which is already the case for some of them.”

Other hospitals mentioned in news reports as affected by the breach included Southcoast Health in Massachusetts, Lifespan Cancer Institute in Rhode Island, and Rhode Island Hospital.

The U.S. saw a spike in cyberattacks on health care providers in 2020.

icon to expand image

Hospitals and health care systems are increasingly targets of hackers. Some hacks are aimed at stealing patient health information. Others are “ransomware” attacks, designed to inflict maximum fear as the hacker seizes control of the data or system in order to extort money. Elekta did not release details of this particular attack.

Some experts have said the coronavirus pandemic left health care systems easier targets because they are overwhelmed dealing with COVID-19.

Interpol, the international police organization, early in the pandemic said that its cybercrime unit had detected “a significant increase” in ransomware attacks targeting pandemic response institutions, adding that “cybercriminals are using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid.”

The hacking report Protenus Breach Barometer said healthcare hacking incidents rose 42% in 2020. Other services estimated the increase being from 25% to 55%.

Some of the cyberattacks could put patient care at risk, such as ones that target medical devices such as insulin pumps or pacemakers.

Elekta works with cloud-based systems, and it said that as a protection it took all its first-generation systems offline on April 22. Only some of its 170 customers nationwide were affected, Thorsson said. As part of its response to the breach, it has sped up a migration that was in process, transferring those customers to the Microsoft Azure cloud.

It is also working with cyber experts and law enforcement investigators including the FBI to understand what happened.

Caleb Barlow, CEO of the Texas-based cybersecurity consulting firm CynergisTek, in comments to the news organization MedTechDive, echoed that healthcare is being targeted in the pandemic. He added that there was also more opportunity for hacking because of the pandemic’s shift to remote care and communications.

“The bad guys know healthcare is very vulnerable,” Barlow said.


Cybersecurity experts said healthcare data breaches had spiked during the pandemic, as hackers try to take advantage of a weak moment in the health system. Often they are trying to take control of data, or a crucial system, in order to demand ransom payment to give the control back. Elekta did not gives details about this hack. Here are some points:

Who: Elekta, based in Sweden with North American headquarters in Dunwoody, makes precision cancer radiation treatment systems. It uses cloud computer technology.

What: Some hospitals that use the systems reported the systems going offline. Elekta said it suffered a “data security incident.”

When: The incidents started last week, and Elekta took its first-generation systems offline April 22. It is working with hospitals to go back online this week. Yale New Haven is back online.