x
Breaking News
More () »

No, Northern Light Health never lost control of its servers

A lot of information circulating online about the incident is "incorrect," according to a Northern Light Health spokesperson.

BANGOR, Maine —

THE QUESTION

Did Northern Light Health lose control of its servers on Saturday, including HVAC, patient records, and its security system?

THE SOURCES

THE ANSWER

This is false.

No, Northern Light Health did not lose control of its servers on Saturday. 

WHAT WE FOUND

Several computer servers in the network that supports Northern Light Health were discovered to be compromised Saturday afternoon. According to NLH officials, none of the computers that were found compromised contained patient information. 

Several hours after the affected servers were found to be compromised, officials with the health care system decided to take servers containing patient information offline, enacting what they called "downtime" mode.  

When asked whether any sensitive data could have been released, aside from patient data, Suzanne Spruce, the senior VP of Northern Light Health and chief marketing and communications officer, said this: "We have control of our systems."

However, these measures did not stop misinformation from quickly spreading online, with posts on social media circulating details the hospital said were "incorrect." 

NEWS CENTER Maine spoke with several Northern Light Health officials, who said repeatedly that patient information was not affected by the compromised servers and that patient care was not interrupted by the incident. 

Here is a list of what hospital officials told NEWS CENTER Maine in an effort to clarify what did and did not happen Saturday: 

  • Northern Light Health did not lose control of its servers
  • NLH had full control of HVAC and its security systems
  • Patient records were not compromised 
  • NLH had not been contacted by a third party, and there was no indication any of their information was being held for ransom
  • All NLH hospitals remained open on Saturday

Officials with the health care system said they had contacted "appropriate authorities," about the incident, but they did not provide specifics.

"We will share more information with our patients, staff, and communities as it becomes available. In the meantime, we remain at the ready to deliver great care," Patricia Patterson King, a spokesperson with the health care system, said. 

Lori Sussman, a professor of technology and cybersecurity at the University of Maine, helped clarify several of the claims and offered tips to help people better protect their private information. 

Sussman explained first that an anomaly detected on a server doesn't always mean that it is a malicious act, such as a person attempting to hack into the system and get access to important data. It could be something as simple as a software glitch or hardware failure. 

The anomaly detected by Northern Light Health was enough to alert their network security team to take action and investigate the cause and extent of the incident, which has not been disclosed as of Tuesday. 

Northern Light Health maintained that they were in control of their servers, contrary to one of the myths circulating online. Sussman explained how it's possible to maintain control of servers while they are compromised.  

"What they mean is they literally control the servers. They can turn them off, they can turn them on, they control the servers," she said. "In certain cases, bad guys will take control of assets. So, they have control of the assets. Again, if there are anomalies, there can be a variety of reasons."

Sussman said that based on her understanding of the situation, Northern Light Health did "all the right things" to maintain patient records. 

"They saw something was amiss ... and whatever it was, they immediately saw that, and they took the server offline," she explained. 

Sussman then explained that there are ways to determine the source and impacts of anomalies through "forensics." 

"They have tools to determine whether or not, during the course of this weird behavior ... if anything was accessed and moved, and the answer I heard was 'no.' Then they took it offline to make double sure, as they check things out," Sussman said of Northern Light Health's decision to take patient records offline Saturday until Monday. 

Don’t miss these NEWS CENTER Maine stories


Before You Leave, Check This Out