SAVANNAH, Ga. (WSAV) — One of Savannah’s largest hospital systems is recovering from a ransomware attack last week.

Computers are still down across St. Joseph’s/Candler (SJ/C), leaving doctors with no way to track patient information electronically. And it’s still unclear if personal or health information was impacted.

The hospital said it has recently been in contact with the FBI. The hospital assured patients it will continue to perform scheduled surgeries and oncology services.

WSAV spoke with a patient who says all computers went down around 4 a.m. Thursday, and nurses have been forced to keep track of medications with a pen and paper.

“They can’t see our MRIs — they can’t see our information. They have the medication in the drawers, thank God, but they have to enter it manually,” said the patient, who wished to remain anonymous. “They can’t go into the computer to find out what our meds are at what time.”

Ultimately, the patient says she’ll be fine and knows her medication by heart. But she worries about others in more critical condition.

“A lot of elderly people that don’t know their medication, and a lot of people that are in ICU where they are unconscious,” she said. “They are attached to these computers, and we don’t even know what’s going on with these computers.”

“It’s just a mess,” she added.

SJ/C officials say they became aware of “suspicious network activity” Thursday morning and took steps to immediately isolate their systems.

A spokesperson tells WSAV staff are trained to provide care even under these circumstances. A statement from SJ/C reads, in part:

Nothing is more important to us than continuing to provide the care our patients expect. Patient care operations continue at our facilities using established back-up processes and other downtime procedures. Our physicians, nurses and staff are trained to provide care in these types of situations and are committed to doing everything they can to mitigate disruption and provide uninterrupted care to our patients. We thank our patients for their patience during this time and apologize for any delays they may experience as we continue to work diligently to address this situation.

A similar attack happened to Las Vegas hospitals back in September 2020. The Wall Street Journal reports a group with ties to Eastern Europe has hacked more than 235 general hospitals and psychiatric facilities since 2018.

Dr. Frank Katz, director of the Center for Applied Cyber Education at Georgia Southern University, says hospitals are often easy targets. Having so many employees, he says user IDs and passwords can be easy to figure out.

Plus, they’re dealing with emergency medical care.

“They are more likely to pay than another type of business because it’s a life and death situation,” Katz said.

“It really has become a situation of money, pure and simple,” he said. “These are thieves that know they can extort the money and often get it.”

Some patients have been taking to social media to express their concerns about the attack.

“This makes me so angry. My mom is in ICU and it’s affecting her care,” one person wrote. Another said their chemotherapy appointment was canceled because of the outage.

SJ/C says those with appointments for imaging, surgery, primary care, specialty physician practices or any other outpatient procedure should keep their appointment. Patients will be contacted if their appointment needs to be rescheduled.

Oncology patients are asked to contact their doctors directly to check on the status of appointments and procedures.

SJ/C says their investigation into the cyber attack continues and law enforcement are involved.