By Clara Wilson
A catastrophic hospital cyberattack has crippled one of the largest healthcare networks in the United States, forcing emergency rooms to turn away patients on Monday morning. Apex Health Systems, which operates 40 hospitals across the Midwest and Northeast, confirmed it has been hit by a sophisticated ransomware attack. As of February 2, 2026, facilities in Ohio, Pennsylvania, Michigan, Illinois, and New York have declared “internal disasters.” Ambulances are being diverted to other providers, and non-emergency surgeries have been canceled indefinitely. Federal authorities have labeled the incident a “life-threatening” national security threat.
Emergency Rooms on “Divert” Status
The crisis began early Monday morning at approximately 4:00 a.m. EST. IT staff across the Apex network noticed simultaneous system lockouts. Within minutes, access to Electronic Health Records (EHR) vanished.
By 6:00 a.m., the impact was physical and dangerous. Without access to patient histories, medication lists, or allergy information, doctors could not safely treat incoming emergencies. Consequently, hospitals initiated “ambulance diversion” protocols.
This means paramedics carrying heart attack, stroke, and trauma victims are being forced to drive past the nearest Apex facility to find alternative care. In rural areas of Ohio and Pennsylvania, this adds critical minutes to transport times.
“We are flying blind,” said one ER nurse at an Apex facility in Cleveland, speaking on condition of anonymity. “We are back to pen and paper, but we can’t see X-rays or check drug interactions. It is dangerous.”
Critical care units remain operational, but staff must manually monitor devices that are usually networked. The sudden regression to analog medicine has created a bottleneck in patient care across five states.
Ransomware Gang “DarkVoid” Suspected
While Apex Health Systems has not officially named the perpetrator, sources within the FBI indicate the attack bears the signature of “DarkVoid.” This cybercriminal syndicate is known for targeting critical infrastructure.
A ransom note reportedly appeared on thousands of hospital computer screens Monday morning. The message demanded a payment of $50 million in cryptocurrency to release the decryption keys.
The attackers employed a “double extortion” tactic. They claimed to have stolen terabytes of sensitive patient data before locking the systems. They threatened to release this private medical information on the dark web if the ransom is not paid within 48 hours.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have deployed rapid response teams to the affected data centers. Their priority is to isolate the malware and prevent it from spreading to other healthcare networks.
“This is not just a financial crime; it is an attack on human life,” stated FBI Assistant Director Paul Abbate in a brief press conference. “Targeting hospitals during the peak of winter flu season demonstrates a complete disregard for humanity.”
Patient Safety and Cancellations
The hospital cyberattack has forced Apex to make difficult operational decisions. The network has canceled all elective surgeries and non-emergency procedures for Monday and Tuesday. This affects thousands of patients waiting for operations ranging from joint replacements to tumor biopsies.
Clinics associated with the hospital chain are also closed. Patients attempting to log into the “MyChart” patient portal are met with a “System Offline” error message.
Pharmacy systems are also down. This prevents doctors from digitally sending prescriptions. Patients being discharged cannot fill their medications at the hospital pharmacy, forcing them to find outside providers who can accept paper scripts.
Hospital administrators are urging the public to avoid Apex emergency rooms unless it is a dire life-and-death situation. They recommend utilizing urgent care centers or unaffected hospitals for minor injuries.
Impact on the “Paris Agreement” Withdrawal Markets
The cyberattack has compounded a difficult day for the U.S. economy. Markets were already volatile following the official U.S. withdrawal from the Paris Climate Agreement last Tuesday. The news of a major infrastructure attack sent the Dow Jones Industrial Average tumbling 400 points at the opening bell.
Investors fear that the attack exposes vulnerabilities in the U.S. digital infrastructure. Healthcare stocks, in particular, saw a sharp decline. Insurance companies are also bracing for the financial fallout of business interruption claims.
Energy costs, already rising due to the diplomatic shift on climate policy, are adding to the economic anxiety. The combination of geopolitical isolation and domestic insecurity has created a “Red Monday” on Wall Street.
Federal Response Activated
The White House has been briefed on the situation. The President has reportedly authorized the Cyber National Mission Force (CNMF) to assist in the response. This military unit typically defends against nation-state attacks, highlighting the severity of the breach.
Department of Health and Human Services (HHS) officials are coordinating with neighboring hospital systems to manage the overflow of patients. They are working to ensure that the ambulance diversions do not overwhelm the remaining operational ERs.
This incident is the largest healthcare breach since the Change Healthcare attack in 2024. It raises renewed questions about the cybersecurity readiness of the medical sector.
What Patients Should Do
For patients within the Apex Health Systems network, the situation is confusing and stressful. Experts offer the following advice:
- Call Ahead: Do not drive to an Apex ER without calling first to check if they are accepting patients.
- Bring Records: If you must seek care, bring physical bottles of your medications and any hard copies of medical records you possess.
- Monitor Credit: Given the threat of data theft, patients should monitor their credit reports for suspicious activity.
Restoring the network could take days or even weeks. In the meantime, doctors and nurses are working heroically with paper charts and fax machines to keep patients alive.
wfbnews.com will continue to monitor the hospital cyberattack. We will provide updates on the restoration of services and any further statements from the FBI regarding the perpetrators.
