Kettering Health, a major healthcare network operating numerous medical and emergency facilities throughout Ohio, remains severely disrupted after a ransomware attack forced it into a sweeping systems outage two weeks ago. Officials acknowledged that restoring normal operations continues to prove challenging, despite initial progress in bringing back the essential components of its Epic electronic health records platform.
In a recent update, Kettering stated it had successfully returned the Epic system’s key functionalities, enabling healthcare personnel once again to update, access, and coordinate patient records electronically. However, substantial interruption persists, with multiple patients reporting ongoing difficulties. Individuals relying on Kettering services described scenarios where communication breakdowns made calling physicians’ offices impossible, hindered medication refills, and led to the outright closure of some emergency rooms.
One affected patient described the ordeal, explaining that day-to-day healthcare tasks had regressed to pen-and-paper processes. Community forums such as the Dayton, Ohio subreddit have seen urgent pleas from individuals struggling to refill crucial medications due to downed phone lines, and users have shared warnings cautioning others to avoid Kettering services until the technological challenges are fully resolved. Patients have seen vital health appointments—including MRI scans, chemotherapy treatments, and even pre-operative testing for major surgeries—delayed or cancelled entirely.
Local emergency services have reportedly begun diverting ambulances away from Kettering facilities because the paper-based, manual operations have created significant treatment and discharge bottlenecks. John Weimer, Senior Vice President of Emergency Operations at Kettering Health, publicly confirmed the nature of the incident as ransomware-driven, stressing that the organization took immediate action by isolating its IT infrastructure at the earliest sign of trouble.
The ransom note reportedly left by the hackers claimed to have encrypted critical data files. While the identity of the perpetrators has yet to be officially confirmed, indications suggest the involvement of a cybercriminal group known as Interlock. As of now, the group has not publicly assumed responsibility for the attack, which may imply ongoing negotiations between the attackers and the organization. Kettering has so far denied paying any ransom and declined to comment on whether patient data was compromised or exfiltrated during the attack.
This situation at Kettering Health exemplifies a troubling trend of escalating cybersecurity incidents targeting healthcare institutions. The year before, the United States saw an unprecedented data breach at Change Healthcare, impacting some 190 million individuals nationwide. Similarly, Ascension Health disclosed that ransomware hackers had stolen 5.6 million patient records, underscoring 2024 as a particularly devastating year for healthcare data breaches.
While Kettering Health has publicly acknowledged the cyberattack, representatives have not provided further insight into ongoing response efforts or timelines for complete recovery. Patients and healthcare professionals in Ohio continue to feel the burden of this breach and its lasting impacts on local medical services.
