Lawsuit: Baby Died Due to Ransomware Attack at Alabama Hospital
The baby’s mother says the hospital didn’t disclose computers were down and her daughter consequently received diminished care.
MOBILE, Ala. — A mother is suing Springhill Medical Center after she says her baby received botched care and later died while the hospital was dealing with a ransomware attack.
The lawsuit, filed by Teiranni Kidd, alleges the hospital didn’t tell her that computers were down due to a cyberattack and consequently gave her severely diminished care when she arrived to deliver her daughter on July 16, 2019, reports NBC News.
Kidd, who had gestational hypertension, was induced on July 17. During the cyberattack, computers had were disabled on every floor for several days and a real-time wireless tracker that could locate medical staff around the hospital was down, according to The Wall Street Journal,
Doctors and nurses allegedly missed a number of key tests that would have shown that the umbilical cord was wrapped around the baby’s neck, leading to brain damage.
“Because numerous electronic systems were compromised by the cyberattack, fetal tracing information was not accessible at the nurses’ station or by any physician or other healthcare provider who was not physically present in Teiranni’s labor and delivery room,” says the lawsuit.
It also allegedly took eight minutes after the baby was born for a neonatologist to arrive at the bedside. The baby, named Nicko Silar, was diagnosed with brain dysfunction caused by lack of oxygen and kidney failure, among other ailments.
If Kidd had known the hospital was amidst a ransomware attack, she would have chosen to deliver at a different hospital, the lawsuit says.
Springhill Memorial first acknowledged the cyberattack on July 9 and said it would not affect patient care. On July 16, the day Kidd arrived, the hospital shut down its network to protect data, according to The Daily Mail.
Citing court records, The Wall Street Journal reports that without the hospital’s computer and network systems, doctors and nurses had to communicate through text.
“We have no computer charting for I don’t know how long,” one manager told a nurse, according to court papers.
Springhill Medical Center President Jeff St. Clair said he was proud of how the hospital handled business during the cyberattack.
“We stayed open and our dedicated healthcare workers continued to care for our patients,” a hospital spokesperson told The Daily Mail. “We did this, of course, because our patients needed us and we, along with the independent treating physicians who exercised their privileges at the hospital, concluded it was safe to do so.”
Kidd first sued the hospital in January 2020 but later amended the lawsuit that July after her daughter passed away at nine months. The lawsuit is the first credible public claim that someone’s death was caused at least in part by hackers, says The Wall Street Journal.
In 2020, a German woman died after being rerouted to a different emergency room because the nearest hospital was dealing with a ransomware attack. However, government officials determined there wasn’t sufficient evidence to prove the ransomware played a significant role in her death.