On April 6, cancer patients at Brockton Hospital in Massachusetts showed up for chemotherapy infusions and were told to go home. The hospital’s information systems had been hit by a cyberattack. The ER closed. Ambulances were diverted. Staff switched to paper records. Patients were told to call back later to reschedule their treatment.
This wasn’t the first time that this kind of incident has happened. In May 2024, the Ascension ransomware attack took down systems across 136 hospitals for six weeks. That same year, the Change Healthcare breach compromised the personal health information of 100 million Americans, roughly one in three people in the country, and disrupted billing and authorization systems so severely that physician practices warned they might have to close their doors. After the Change breach, an AHA survey of nearly 1,000 hospitals found that 74% reported direct impact on patient care.
