It is continuing to cause problems for Michigan Ascension hospitals as a result of a cyberattack, which has forced some ambulances to be diverted to other hospitals in the event of medical emergencies, delayed diagnostic imaging, and affected prescription filling. There is no response from Ascension's spokesperson as to how the attack is still impacting the company's operations, as he did not respond to my request on Monday. 

Nevertheless, a statement issued by the system on May 15 indicated that it had switched to manual paperwork in the wake of the attack. The hospital systems, physician offices, and care centres of Michigan Ascension remain operational after a disruptive cyberattack against Ascension hospitals was announced last week by the company.

Patients are awaiting the return of the hospital systems. Among the victims of this incident was Dan Newman, who went to the Ascension Borgess facility in Portage on Monday, May 13, expecting to receive specialized blood work. He was surprised to discover that there were no patients in the waiting room when he arrived. His bloodwork cannot happen according to the schedule because the computer systems are down, according to the lady at the counter. 

It has been nine days since a ransomware attack crippled the entire Ascension hospital system on May 8 with the result of a ransomware attack, and Newman and other patients are still waiting for services to resume. In addition, patients are experiencing issues with filling prescriptions, accessing their patient portal, and getting some tests performed. "There was nothing they could do," Newman said, since the disruption began last week on Wednesday, May 8, and Ascension operates more than a dozen hospitals across Michigan, including those in Kalamazoo, Saginaw, Novi and others. 

Even though all Ascension Michigan hospitals, physician offices, and care centres across Michigan are open, the company said on May 12, that they could not even look at the computer to see what the specialist had ordered. However, diagnostic imaging and testing have been temporarily delayed in some facilities. Despite the challenges posed by the ransomware incident, patient safety remains the company's top priority, as the company emphasized on May 12. Ascension intended to keep patients informed of the ongoing disruption by using paper-based systems. 

Ascension said it was thankful to patients for their understanding during the "unexpected event." It was also called a "ransomware incident." The doctor's offices and care centres at Ascension Michigan are operating with normal business hours, according to the company, although patients may experience longer wait times and delays as a result of the disruption. In May of this year, Ascension observed unusual behaviour on a selected technology network system. 

In the course of investigating the ransomware attack, the company has been forced to suspend access to systems and patient care across 15 states since then. Hospitals have faced the task of restoring systems and determining if any of the patient information has been impacted while transforming to manual systems for documenting patients' visits in the process of restoring systems. Ascension said the delay in appointments and elective surgeries that were previously scheduled are likely to cause delays and take longer than expected.

In a press release issued on May 15, an Ascension spokesperson suggested that patients bring notes on their symptoms as well as a list of current medication, including prescription numbers or bottle labels to avoid delays in treatment. In Michigan, every Ascension emergency room remains open and accepting walk-ins, and ambulatory diversion continues to be an "average operation, a fluid practice that is influenced by several factors, including the severity of the cases, the availability of services, and the number of providers," the statement stated. 

According to a spokesperson for Ascension Health, the hospital's emergency rooms are constantly in contact with emergency medicine providers to ensure that patients' cases are handled more effectively without compromising the quality of the service. Nine days after a ransomware attack, Michigan hospitals are still experiencing significant operational disruptions. Ascension Health stated on Wednesday that patients will be contacted directly if any rescheduling of surgical, diagnostic, or other doctor's appointments is necessary. 

On Monday, Ascension did not provide an immediate response to requests for information regarding which Michigan facilities are currently diverting ambulatory cases or temporarily delaying diagnostic imaging and testing. The healthcare system has involved law enforcement and various government agencies, including the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the American Hospital Association (AHA). U.S. hospitals and healthcare systems have become major targets for ransomware groups in recent years. 

These cyberattacks can severely disrupt healthcare services and have inflicted financial damages amounting to millions of dollars on some health systems. Cyber-attacks, in general, have increased dramatically as the world becomes more digitized. Several experts have observed a significant rise in cyberattacks globally, particularly in 2023. A study supported by Apple, conducted by Professor Stuart Madnick, revealed that data breaches have reached an all-time high for organizations in the United States. Data breaches occur when unauthorized individuals access sensitive consumer information, which may then be shared or sold. 

An Ascension spokesperson emphasized last week that patient safety remains their utmost priority despite the challenges posed by the recent ransomware incident. The spokesperson commended the dedication and resilience of their doctors, nurses, and care teams, who are currently relying on manual and paper-based systems during the ongoing disruption of normal operations. Ascension is collaborating with forensic experts from three cybersecurity firms—Mandiant, CYPFER, and Palo Alto Networks Unit 42—to investigate the attack and restore their systems. This was confirmed in a system-wide update provided last week.