Security Breaches

Brockton Hospital Implements Downtime Procedure After Ransomware Attack

By Daniel Lopez

Brockton Hospital in Massachusetts continues to operate under downtime procedures following a ransomware attack on April 6, 2026, that disrupted electronic systems, patient services, and clinical operations.

Incident Overview

Brockton Hospital experienced a cybersecurity incident on April 6, 2026, that resulted in multiple electronic systems being taken offline. The disruption required the hospital to redirect ambulances to other hospital facilities and postpone scheduled cancer treatments. An investigation into the security incident remains ongoing, with involvement from national and state officials.

The hospital is part of Signature Healthcare, which has provided updates regarding the operational impact and recovery efforts. Some systems have been restored; however, full system functionality has not yet been achieved.

Operational Impact

The hospital continues to rely on downtime procedures, with staff using paper-based processes instead of electronic systems. A spokesperson for Signature Healthcare confirmed that these procedures are expected to remain in place for two weeks.

Patient care services are continuing, although certain functions remain disrupted. Laboratory work and medical testing are still being conducted, though there are delays in services. The patient portal system is still not accessible, therefore, the hospital cannot fill new prescriptions or process requests for patient health records.

The hospital still manages to operate its inpatient food services, though accommodations for special dietary restrictions are not available at this time.

Ransomware Attribution and Data Exposure Claims

The ransomware attack has been attributed to the Anubis ransomware-as-a-service group. The group uses a double extortion model that involves encrypting files and exfiltrating data.

Information provided by SuspectFile indicates that files were encrypted during the attack. A representative of the Anubis group told SuspectFile that non-critical systems were affected and that approximately 2TB of data was exfiltrated, including patient-related data. The Anubis group has listed the hospital on its data leak site and is using a countdown mechanism to apply pressure for ransom payment.

Brockton Hospital has not confirmed the extent of data exfiltration. The full scope of any potential data exposure remains under investigation. In case patient protected health information (PHI) is compromised, the hospital may need to report it to OCR and notify affected individuals as required by HIPAA laws.

Recovery Status

Recent reports state that ambulances are no longer being diverted and have resumed normal routing to the hospital. Hospital management has stated that patient care remains the primary focus, alongside system remediation and safe restoration of affected systems. The organization continues to prioritize restoring operations while maintaining clinical services under current limitations.

Image credit: nfiniteFlow, AdobeStock / logo©SignatureHealthcare

Twitter Facebook LinkedIn Reddit Link copied to clipboard

Posted by

Daniel Lopez

Daniel Lopez is the HIPAA trainer behind HIPAA Coach and the HIPAA subject matter expert for NetSec.news. Daniel has over 10 years experience as a HIPAA coach. Daniel provides his HIPAA expertise on several publications including Healthcare IT Journal and The HIPAA Guide. Daniel has studied Health Information Management before focusing his career on HIPAA compliance and protecting patient privacy. You can follow Daniel on Twitter / X https://twitter.com/DanielLHIPAA

Related News

OCR Video Explains HIPAA Security Rule Risk Management