{
	"id": "c3e1e4db-00ee-4c79-b76b-8d25e3513d59",
	"created_at": "2026-04-06T00:18:39.939468Z",
	"updated_at": "2026-04-10T03:21:24.639491Z",
	"deleted_at": null,
	"sha1_hash": "6618c7b38c077eed2cfe189a8a07a9df809e37d4",
	"title": "Upstate New York nonprofit hospitals still facing issues after LockBit ransomware attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 74897,
	"plain_text": "Upstate New York nonprofit hospitals still facing issues after\r\nLockBit ransomware attack\r\nBy Jonathan Greig\r\nPublished: 2023-09-14 · Archived: 2026-04-05 14:11:08 UTC\r\nTwo major hospitals serving thousands in upstate New York are struggling to recover from cyberattacks that were\r\nannounced last week.\r\nThe two facilities, Carthage Area Hospital and Claxton-Hepburn Medical Center, serve an area with more than\r\n200,000 people in Jefferson, Lewis and St. Lawrence Counties.\r\nFor two weeks, the hospitals have been dealing with a cybersecurity incident that forced them to divert\r\nambulances to other local hospitals and reschedule most appointments.\r\nLocal news outlets reported that the FBI, the New York State Department of Health and the Division of Homeland\r\nSecurity and Emergency Services are involved in the hospitals’ recovery effort. Phone systems were restored on\r\nSeptember 2 but several other services are still unavailable.\r\nCarthage Area Hospital is a 25-bed facility serving both civilian and military personnel while Claxton-Hepburn\r\nMedical Center is a 127-bed community hospital and regional referral center with several specialized arms for\r\nchildren and mental health.\r\nThe hospitals have not responded to requests for comment about the situation but published a statement\r\nSeptember 6 on their Facebook pages confirming that they would continue canceling all appointments except\r\nthose related to dialysis, cancer treatment and wound care.\r\n“All patients with appointments that need to be rescheduled will be contacted. Any patient with urgent health\r\nconcerns should still call their healthcare provider. Patients with emergency conditions should go to their nearest\r\nemergency department,” they said.\r\n“We continue to take every step necessary to protect privacy and security and maintain as many of our services as\r\npossible. We appreciate your patience and understanding.”\r\nOn Wednesday, Claxton-Hepburn Medical Center said it would continue canceling outpatient appointments\r\nthrough this week at health centers and physician offices.\r\n“Please note that we are still experiencing intermittent connectivity issues at times. If you have a medical\r\nemergency, please call 911 or proceed to the nearest emergency room,” they said.\r\nOn Thursday, the LockBit ransomware gang added the hospitals to its leak site, threatening to publish data stolen\r\nfrom the nonprofits if a ransom is not paid by September 19.\r\nhttps://therecord.media/upstate-new-york-hospitals-ransomware-attack\r\nPage 1 of 3\n\nDespite the gang’s tenuous rules banning affiliates and members from attacking hospitals, LockBit actors have\r\nrepeatedly gone after healthcare institutions across the world.\r\nThe gang caused outrage when it attacked Toronto’s Hospital for Sick Children days before Christmas. Three\r\nweeks before that attack, the group was accused of attacking the Hospital Centre of Versailles in France.\r\nIn August 2022, LockBit proudly took credit for a crippling attack on Center Hospital Sud Francilien in Corbeil-Essonnes. The attack knocked out the hospital’s “business software, storage systems (in particular medical\r\nimaging) and the information system relating to patient admissions.”\r\nOne month ago, the gang also announced an attack on a subsidiary of healthcare technology giant Siemens\r\nHealthineers, which focuses on radiation oncology treatments.\r\nRansomware attacks on healthcare facilities have become a major concern for cybersecurity officials in the U.S.\r\nSeveral officials at the Cybersecurity and Infrastructure Security Agency said during the Black Hat and DefCon\r\nsecurity conferences that attacks causing ambulance diversions were particularly alarming considering how vital\r\nany extra second or minute can be to surviving certain health scares like strokes and heart attacks.\r\nGet more insights with the\r\nRecorded Future\r\nIntelligence Cloud.\r\nLearn more.\r\nNo previous article\r\nNo new articles\r\nhttps://therecord.media/upstate-new-york-hospitals-ransomware-attack\r\nPage 2 of 3\n\nJonathan Greig\r\nis a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since\r\n2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.\r\nHe previously covered cybersecurity at ZDNet and TechRepublic.\r\nSource: https://therecord.media/upstate-new-york-hospitals-ransomware-attack\r\nhttps://therecord.media/upstate-new-york-hospitals-ransomware-attack\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://therecord.media/upstate-new-york-hospitals-ransomware-attack"
	],
	"report_names": [
		"upstate-new-york-hospitals-ransomware-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775434719,
	"ts_updated_at": 1775791284,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6618c7b38c077eed2cfe189a8a07a9df809e37d4.pdf",
		"text": "https://archive.orkl.eu/6618c7b38c077eed2cfe189a8a07a9df809e37d4.txt",
		"img": "https://archive.orkl.eu/6618c7b38c077eed2cfe189a8a07a9df809e37d4.jpg"
	}
}