{"id":51779,"date":"2023-05-05T15:49:07","date_gmt":"2023-05-05T15:49:07","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34585\/Tennessee-Health-System-Stops-All-Operations-Amid-Cyberattack-Recovery.html"},"modified":"2023-05-05T15:49:07","modified_gmt":"2023-05-05T15:49:07","slug":"tennessee-health-system-stops-all-operations-amid-cyberattack-recovery","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/","title":{"rendered":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0504_emergency_sign.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Murfreesboro Medical Clinic &amp; SurgiCenter was forced offline after a cyberattack was deployed on April 22. In response, the Tennessee provider closed all operations and launched an emergency shutdown of the network to prevent the attack from spreading.<\/p>\n<p>MMC operations were completely shut down for almost two weeks until May 4. The latest update shows that while officials hoped to restore some walk-in services on May 3, the systems weren\u2019t ready to go back online.<\/p>\n<p>At 10 a.m. on May 4, MMC began accepting patients at its Pediatrics and Internal &amp; Family Medicine walk-in clinics for \u201csick visits.\u201d However, the site is still not accepting regular appointments, and the majority of its approximate 11 locations remain closed.<\/p>\n<p>Patients took to social media to express concern over missed appointments, closures and prescription refills. An MMC spokesperson is promptly responding to those comments. But some are frustrated at response times, as well as long waits when calling into the health system with questions.<\/p>\n<p>MMC is working with law enforcement and an outside firm to investigate the incident and identify the source and scope of the attack to return to normal clinic operations. Officials said: \u201cOur first priority was to contain the incident and protect our patients and employees.\u201d<\/p>\n<p>The team is still working to restore the \u201csystems safely with enhanced security features and controls\u201d and is already working to strengthen its infrastructure to prevent a recurrence. Officials said \u201cthe quick detection by its technology experts\u201d limited the impact of the attack.<\/p>\n<p>\u201cPreserving sensitive patient and employee information is of the utmost importance to MMC, but like so many other organizations around the country and despite its best efforts, MMC has found itself as the target of criminals attempting to steal personal or company data,\u201d Joey Peay, MMC CEO, said in a statement.<\/p>\n<p>MMC is working to ensure the \u201ccomputer infrastructure is secure and free of any harmful software,\u201d he added. \u201cWe apologize for the vagueness of our recent communications, but we did not want to do anything that would impede law enforcement\u2019s investigative efforts.\u201d<\/p>\n<p>The recovery team has not yet confirmed whether any specific patient, employee or corporate data was accessed or removed from the network. Patients and employees of MMC are being urged to monitor their personal data for any misuse.<\/p>\n<p>This is the second shutdown within the health sector in the last week, and the fourth incident in a month. A cyberattack forced <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/news\/incident-response\/german-health-it-vendor-bitmarck-offline-cyberattack\" target=\"_blank\">Bitmarck, an IT vendor for German health<\/a> insurers, offline after a cyberattack on May 1, while U.S. insurance giant Point 32 Health is facing disruptions from a ransomware incident deployed late last month. Both companies are still working to recover.<\/p>\n<p>A fourth provider, Cornwall Community Hospital in Ontario, faced patient care delays and a loss of access to its patient portal after a cyberattack on April 11.<\/p>\n<h2>Brightline, NationsBenefits join list of GoAnywhere hack victims<\/h2>\n<p>Pediatric behavioral health provider Brightline is notifying at least 783,638 patients and 60 of its connected vendors that their data was accessed and exfiltrated by threat actors during a hack of its Fortra GoAnywhere MFT software-as-a-service in January.<\/p>\n<p><a href=\"https:\/\/www.scmagazine.com\/brief\/ransomware\/hhs-healthcare-targeted-by-clop-lockbit-with-fortra-goanywhere-papercut-flaws\" target=\"_blank\" rel=\"noreferrer noopener\">Clop already claimed to have hacked<\/a> Brightline as far back as March, when the data of at least 63,000 children appeared on its dark web site. Those details were not included in the notice. The breach was reported to the Department of Health and Human Services in nine separate filings. Blue Shield of California, which invested in Brightline, previously issued a similar notice.<\/p>\n<p>The GoAnywhere platform is used for the secure transfer of encrypted files between business partners and maintains detailed access logs for files.<\/p>\n<p>Fortra warned clients of the zero-exploit in its file transfer solution\u2019s admin console in early February and provided a workaround as it worked on a patch. However, cybercriminals quickly released an active exploit that targeted the 1,000 exposed on-prem GoAnywhere MFT instances, or about 130 entities.<\/p>\n<p><a href=\"https:\/\/www.scmagazine.com\/news\/ransomware\/clop-ransomware-hack-of-fortra-goanywhere-mft-hits-1m-chs-patients\" target=\"_blank\" rel=\"noreferrer noopener\">Community Health Systems<\/a> was the first healthcare entity to report falling victim, which affected 1 million patients.<\/p>\n<p>The Brightline notification mirrors these earlier notices: that Fortra \u201cwas made aware of suspicious activity within certain instances of its GoAnywhere MFT service\u201d in January. An investigation found a previously unknown vulnerability that allowed an attacker to access certain customer accounts and download files.<\/p>\n<p>Brightline was notified of the vulnerability on Feb. 4 and launched a review, which confirmed the access to its Fortra service. While its network was not hacked, the threat actors were able to acquire \u201ccertain files\u201d saved in the platform.<\/p>\n<p>The delay in notifying patients outside of the 60-day requirement of <a href=\"https:\/\/www.scmagazine.com\/analysis\/security-awareness\/hipaa-requires-timely-response-for-security-incidents-says-alert-to-health-sector\" target=\"_blank\" rel=\"noreferrer noopener\">the Health Insurance Portability and Accountability Act <\/a>appears to be tied to the analysis of the accessed files.<\/p>\n<p>The data varied by patient but could include names, contact information, dates of birth, member identification numbers, dates of plan coverage, and\/or employer names. Brightline says Aetna member IDs were not compromised during the hack.<\/p>\n<p>Fortra has since deactivated the hacker\u2019s credentials, turned off the service, and rebuilt Brightline\u2019s version of the platform to remove the vulnerability. Brightline bolstered its own security, as well, which included limiting ongoing access to verified users, removing all data from the service, and reducing data exposure until the shift to an alternative file transfer service.<\/p>\n<p>The Fortra GoAnywhere hack mirrors the massive Accellion File Transfer Application attack reported in early 2021. The hack of a known vulnerability in the platform enabled access to hundreds of client systems and was easily the largest healthcare data breach reported in 2021, with over 3.51 million patients affected.<\/p>\n<p>The GoAnywhere hack has affected companies in a range of sectors, including Nintendo of America, Washington Trust Bank, Boston Children\u2019s Hospital, and a host of others.<\/p>\n<p>The healthcare entity with the largest impact so far, appears to be NationsBenefits Holdings. The supplemental benefits provider reported the incident to HHS as affecting 3.04 million patients, making the GoAnywhere hack the largest healthcare data breach reported so far this year with well over 4 million individuals impacted.<\/p>\n<p>Detected after an alert from the security team on Feb. 7, the hack impacted two NationsBenefits servers. The response team scanned the environment with \u201cmultiple security tools and confirmed the threat actors didn\u2019t access any applications or systems beyond the Fortra GoAnywhere MFT environment.\u201d<\/p>\n<p>Further, the team found no evidence that the attackers had moved laterally from the vulnerable servers. The exfiltrated data was tied to patients of multiple insurance companies, including Aetna ACE, Elevance Health, and UAW Retiree Medical Benefits.<\/p>\n<p>Since discovery, NationsBenefits took its GoAnywhere server permanently offline and implemented a new file transfer solution separate from Fortra software.<\/p>\n<p>\u201cNationsBenefits implements a comprehensive, written security and privacy program that includes technical, physical, and administrative safeguards,\u201d officials said in a statement. \u201cEven prior to the zero-day vulnerability becoming known, NationsBenefits\u2019 layered security controls. blocked certain malicious activity, limiting the impact of this incident.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34585\/Tennessee-Health-System-Stops-All-Operations-Amid-Cyberattack-Recovery.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":51780,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10501],"class_list":["post-51779","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineprivacymalwaredata-loss"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-05T15:49:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0504_emergency_sign.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Tennessee Health System Stops All Operations Amid Cyberattack Recovery\",\"datePublished\":\"2023-05-05T15:49:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/\"},\"wordCount\":1136,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg\",\"keywords\":[\"headline,privacy,malware,data loss\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/\",\"name\":\"Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg\",\"datePublished\":\"2023-05-05T15:49:07+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg\",\"width\":1280,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,privacy,malware,data loss\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineprivacymalwaredata-loss\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Tennessee Health System Stops All Operations Amid Cyberattack Recovery\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/","og_locale":"en_US","og_type":"article","og_title":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-05T15:49:07+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/05\/0504_emergency_sign.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery","datePublished":"2023-05-05T15:49:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/"},"wordCount":1136,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg","keywords":["headline,privacy,malware,data loss"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/","url":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/","name":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg","datePublished":"2023-05-05T15:49:07+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/05\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery.jpg","width":1280,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/tennessee-health-system-stops-all-operations-amid-cyberattack-recovery\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,privacy,malware,data loss","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineprivacymalwaredata-loss\/"},{"@type":"ListItem","position":3,"name":"Tennessee Health System Stops All Operations Amid Cyberattack Recovery"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=51779"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51779\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/51780"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=51779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=51779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=51779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}