As healthcare systems across the United States continue to face mounting cybersecurity threats, St. Joseph Hospital has confirmed it suffered a targeted cyberattack that disrupted operations across the Covenant Health network. The incident was identified after irregularities affecting connectivity emerged across multiple Covenant Health organizations, prompting immediate exploration by cybersecurity specialists.
Hospital officials traced the attack to an outside group that initiated what they characterized as a targeted cyber incident. Both St. Joseph Hospital in Bangor and St. Mary’s Hospital in Lewiston experienced disruptions because of their Covenant Health affiliation, highlighting the vulnerability of interconnected healthcare networks to coordinated attacks.
In response to the breach, administrators immediately discontinued access to all data systems across hospitals, clinics, and provider practices to contain the incident. The organization engaged outside cybersecurity specialists to scrutinize the breach and restore full system functionality, though no specific timeline for complete restoration has been provided. Such incidents often result in catastrophic business losses, with 60% of organizations failing within six months of a major cyberattack.
The cyberattack temporarily eliminated access to electronic medical records and digital systems, forcing healthcare providers to adapt their workflows and implement manual processing procedures. Although the organization has not announced widespread appointment cancellations, operational slowdowns and extended wait times are expected during the system outage period.
This incident reflects a broader pattern of cyberattacks targeting American hospitals, with healthcare facilities becoming increasingly attractive targets for cybercriminals seeking sensitive patient data. In 2023, healthcare organizations reported 725 data breaches that exposed over 133 million patient records, according to federal statistics.
Similar attacks have affected other Catholic health systems, including Ascension, which faced comparable disruptions to electronic health records and safety systems. Hospital officials have made continuous assessments to understand the full scope of the breach and its impact on operations.
Covenant Health officials continue exploring the attack with external cybersecurity experts, though specific details regarding the nature of the breach, whether ransomware or data theft, remain undisclosed. The organization has highlighted patient safety and care continuity whilst maintaining transparency about the incident’s impact. Additionally, Covenant Health operates St. Andre Health Care as part of its network affected by the cyberattack.
Patients have been advised to maintain scheduled appointments and contact their providers with concerns. Hospital spokespeople continue providing regular updates as the restoration process advances, acting with what officials describe as an abundance of caution.
