Cyber incidents affect both of Lewiston’s hospitals

LEWISTON (WGME) – Cyber incidents are currently impacting two hospital systems with locations in Lewiston.

St. Mary’s Hospital and Central Maine Medical Center are involved, but the issue is affecting other hospitals in the state as well.

Right now, leaders haven’t said if they know what caused this or if someone’s behind it.

CMMC says its technicians discovered unusual activity within the system’s computer software Sunday.

They immediately secured and shut off all applications and hardware containing information, including network systems and phone systems.

The hospital system also includes Bridgton and Rumford Hospitals.

All three have stayed open and continue to see patients.

This came a week after another system outage affecting Covenant Health, which owns St. Mary’s Hospital.

That cybersecurity incident left the hospital’s system partially operating, but a spokesperson from Covenant Health says they’re working to restore full system access as soon as possible, and there is no timeline for when this will be completed.

Right now, access to data systems at Covenant Heath hospitals, clinics and provider practices have been discontinued.

One cybersecurity expert says hospitals are frequent targets for these attacks due to the amount of valuable data they have in their systems.

“These guys are in to make money, and in order to make money, you have to gain access to a system, shut the system down so nobody else can use it and extract enough valuable data that they are going to pay you to get resources,” Threatlocker CEO Danny Jenkins said. “Now every type of business is vulnerable to cyberattacks.”

Jenkins says, when these incidents happen, cyber attackers probably aren’t after your information.

“They are going to pull bank statements, financial software, they are going to look for what cyber insurance policies you have because they don’t care about the information itself, they just care about getting paid,” Threatlocker CEO Danny Jenkins said.

He says everyone needs to put controls into place to avoid getting hacked.

“Make sure you close down ports from the outside world because you have such a big internal environment quite often, and you have to assume someone is going to get internally onto your network.” Threatlocker CEO Danny Jenkins said. “So, limit access internally and use network controls in your environment,” he added.

Both hospital systems are advising patients to keep their appointments as physician offices and outpatient sites remain open.