Consulting Radiologists, an off-site radiology services company in Minnesota, temporarily took its systems offline earlier this month after falling victim to a cyberattack, leaving more than 100 healthcare practices it serves relying on limited in-house radiology operations to interpret scans or divert patients elsewhere for medical imaging.

The physician-owned practice in Eden Prairie has provided radiology services in the upper Midwest for over 90 years and today has 75 board-certified radiologists from all imaging subspecialties, including breast, body, diagnostic, interventional, neuroradiology, neurointerventional radiology, nuclear medicine, musculoskeletal, pediatric, and vascular and interventional radiology.

The hackers launched their attack on Sunday, February 11, and the company’s phone line was still down as of Thursday, February 15, reported Pioneer Press.

In a statement to HCB News on February 16, CRL confirmed that it had temporarily taken its systems offline but now had sites up and running and were still providing patient care.

"As part of our ongoing investigation, we are also assessing the full scope of this attack, but at this time, it does not appear that any data or personal information was taken," Darla Safarian, marketing and communications manager for Consulting Radiologists, told HCB News.

While not directly affected by the breach, small practices like Glencoe Regional Health have had to divert trauma and stroke patients to other facilities.

Allina Health, which has a heart institute at Glencoe Regional and its own cardiologists for interpreting medical images there, has said that while it has not had to transfer any patients to other facilities, not all of its clinics are equipped to read diagnostic images.

“It’s not all of our clinics, but it’s a big portion of our clinics that we partner with CRL. People have had to put in extra time for diagnostics,” Conny Bergerson, a spokesperson for Allina, told Pioneer Press.

The attack on CRL took place around the same time as an attack on Lurie Children’s Hospital, in Chicago, which has left the health system offline for over a week as well. While the nature of that attack has not been disclosed, the hospital’s email, phone, EMR, and patient family portal MyChart systems were shut down, and the FBI has been called in to investigate.

In an update on February 14, Lurie Children’s reported that email to external email addresses and most of its phone lines have been restored, but MyChart was still offline, according to the Chicago-Sun Times.

Back in October, outpatient radiology and oncology company Akumin, which serves about 1,000 hospitals and health systems in 48 states, also was the target of a ransomware attack that shut down its computer system and left it unable to perform or interpret scans at its fixed-site locations.

CRL did not respond to HCB News in time before the publication of this story.

Health IT Homepage