On October 18, WFLX reported that Akumin was turning away patients after an apparent ransomware attack. The attack was potentially very concerning because Akumin provides medical scans and radiology services for about 1,000 hospitals and health systems in 48 states, although it is headquartered in Florida.
Akumin first noticed suspicious activity on Oct. 11 and proactively shut down computer systems. In an update on the incident posted yesterday on its website, Akumin writes that patients are still unable to make appointments at some fixed-site locations and “Access to certain imaging results from prior years may be currently unavailable.”
Due to a recent ransomware incident, we have temporarily postponed most of our clinical and diagnostic operations until we can restore our systems in a safe and secure manner. We are temporarily unable to see patients at some of our fixed-site locations. We will alert patients once we are able to reschedule appointments. At this time, we are unable to provide an estimated timeline for restoration of services, but we continue to make progress. If you require additional assistance, please contact your physician directly.
To date, no ransomware group that maintains a leak site has claimed responsibility for the attack or leaked any data from it, and Akumin has not indicated who the threat actors might be. DataBreaches sent an inquiry to Akumin seeking additional details. In response, a spokesperson sent the following statement:
“Upon becoming aware of the incident, we took quick action to secure our networks, including shutting down systems. We also launched an investigation, are working with experienced advisors, and notified law enforcement.
We have implemented a series of workarounds and manual processes for which our staff are well trained to support our patients and health partners and minimize disruptions in order to ensure continuity of care for patients. We are working closely with our business partners and third-party specialists to safely resume business activities. We have made substantial progress restoring certain operations, including all oncology services, since taking our systems offline, and have resumed treating some patients. More systems are being brought online each day. Akumin remains committed to providing high-quality services to our patients and health partners. We will provide additional updates as we are able.“
Filed for Bankruptcy This Month
First Coast News in Florida reports that in an SEC 8-K filing dated October 22, 2023, Akumin CEO Riadh Zine said the company got notice from Nasdaq’s Listing Qualifications Department that Akumin’s “Common Stock’s closing bid price had been below $1 for 30 consecutive business days and that it was therefore not in compliance with Bid Price Requirement.”
Nasdaq gives companies 180 days to regain compliance with the Bid Price Requirement. The company was eligible to qualify for a second 180 calendar-day period to regain compliance.
In August, they got another notice from Nasdaq’s Listing Qualifications Department that “it was not in compliance with Nasdaq’s Continued Listing Standards due to its failure to meet the Equity Standard.”
One month later, Akumin requested to submit a plan to regain compliance.
The company failed to regain compliance and filed for bankruptcy this month.
Akumin’s SEC 8-K filing of October 11 concerning the ransomware attack can be found here.
Story updated to include Akumin’s statement.