Cyber incidents hitting hospitals

A hospital cyberattack does not start with dramatic movie scenes. It usually starts with ordinary things breaking at once: insurance claims stop moving, lab orders stop routing, prescriptions stall, and staff switch from keyboards to paper. (pharmacytimes.com) That is why the Change Healthcare attack in February 2024 still hangs over hospitals in 2026. Change Healthcare handled billing and payment traffic across the United States, and Pharmacy Times says the outage left hospitals, physician offices, and pharmacies unable to process claims after ransomware was deployed on February 21, 2024. (pharmacytimes.com) The scale was enormous. Pharmacy Times reports that more than 90 percent of the nation’s 70,000 pharmacies had to improvise electronic workarounds, while the remaining 10 percent fell back on offline methods. (pharmacytimes.com) A billing outage sounds administrative until you follow what it touches. The American Hospital Association said the Change Healthcare disruption endangered patient access to care, interrupted eligibility and clinical operations, and threatened the solvency of providers that depend on constant payment flow. (aha.org) Now the same risk is showing up in a different form in the Netherlands. BleepingComputer reported on April 10, 2026, that Dutch healthcare software vendor ChipSoft was hit by ransomware and took its website and digital services for patients and healthcare providers offline. (bleepingcomputer.com) ChipSoft matters because it is not a single hospital. Reporting on the attack says the company’s software is used by roughly 70 to 80 percent of Dutch hospitals, so one vendor problem can ripple across many separate health systems at the same time. (bleepingcomputer.com, theregister.com) The outage in Brockton, Massachusetts shows the ground-level version of the same story. The Boston Globe reported on April 9, 2026, that Brockton Hospital’s cybersecurity incident was expected to last weeks, not days. (bostonglobe.com) When hospital systems stay down that long, the damage spreads beyond the server room. Boston-area reporting says clinicians at Brockton were preparing to work on paper for about two weeks, while ambulance traffic and some services were disrupted during the incident. (boston25news.com, boston.com) Labs sit in the middle of all this even when they are not the direct target. If billing systems fail, tests can be hard to authorize; if hospital record systems fail, orders and results can bottleneck; if patient portals go dark, finished results can no longer reach the people waiting for them. (ama-assn.org, bleepingcomputer.com) The common thread is concentration. Change Healthcare concentrated claims traffic, ChipSoft concentrates hospital software in the Netherlands, and a single local outage at Brockton shows how fast digital failures turn into canceled routines, phone calls, handwritten forms, and delayed care. (pharmacytimes.com, theregister.com, bostonglobe.com)