A cyberattack on a major American hospital system, Ascension, has led to severe and dangerous medication mix-ups, causing significant harm to patients. Ascension, a Catholic healthcare system with over 140 facilities nationwide, detected unusual activity across its networks last month. This breach locked doctors and nurses out of their digital systems, preventing access to vital patient care details and leading to critical errors.
One alarming incident involved a patient who was mistakenly administered narcotics, leading to life-threatening breathing difficulties that required intensive care. In another tragic case, a female patient suffered cardiac arrest and died after data mishaps delayed crucial test results needed for her life-saving treatment.
Employees at various Ascension facilities have reported numerous other incidents resulting from the cyberattack. For example, a nurse in Kansas recalled a “near miss” where he almost gave a baby a potentially fatal dose of narcotics due to confusing paperwork. The nurse emphasized that such errors never happened before the cyberattack disrupted their computer systems.
Despite Ascension claiming on June 14 that network access was restored, more than a dozen staff members have revealed ongoing mistakes, including medication mix-ups and lost test results. To cope with the compromised digital systems, hospitals have resorted to makeshift solutions like handwritten sticky notes to track critically ill patients.
Justin Neisser, a travel nurse working at an Ascension hospital, warned patients about potential delays and errors in care. He expressed concern about the increased risk of harm due to the disrupted systems. An emergency room doctor in Michigan, who wished to remain anonymous, described a case where a patient was given a dangerous narcotic intended for someone else, leading to severe breathing issues and necessitating ICU admission and intubation.
Another nurse in Michigan recounted a fatal incident where a woman with low blood sugar and confusion went into cardiac arrest after waiting four hours for lab results that never arrived. The nurse expressed fear for patient safety, even stating that she would prefer to be driven to another hospital if she experienced a medical emergency at work.
Marvin Ruckle, a nurse in Kansas, highlighted the difficulty in deciphering medication dosages from paper charts, which nearly led to a dangerous overdose for an infant. He noted that such issues never occurred when the hospital was using electronic systems before the ransomware attack. Lisa Watson, another ICU nurse, also reported nearly administering the wrong medication to a critically ill patient due to the inability to scan drugs as before.
The compromised digital systems have forced staff to rely on outdated and unreliable methods, significantly increasing the risk of errors. Despite having experience with paper charts, nurses like Watson emphasized that the current system in place is far from adequate compared to previous electronic record-keeping practices.
In Maryland, ICU nurse Melissa LaRue almost administered the wrong dose of blood pressure medication due to the overwhelming amount of paperwork and the lack of digital scanning. She stressed the potential for harm in the current chaotic environment.
Cyberattacks on healthcare institutions are becoming increasingly common. The FBI’s recent internet crime report revealed that nearly 1,200 organizations were affected by ransomware in 2023, with 250 reports coming from medical groups—the highest among the 16 industries covered in the report. Experts warn that such attacks not only steal patient information but also pose serious threats to public safety, potentially blocking access to life-saving medications and treatments.
Cybersecurity expert Steven McKeon has warned that outdated security systems and fragile infrastructures make healthcare networks easy targets for hackers. He emphasized that the situation is likely to worsen if significant improvements are not made.
Ascension’s vice president of external communications, Sean Fitzpatrick, stated via email that patient care remains their highest priority despite the cyberattack. However, the ongoing issues reported by staff suggest that the healthcare system is struggling to maintain the quality of care amid the fallout from the cyberattack.
