Cyber Incident Victim: Cayuga Medical Center
Date: Feb 2025
Location: United States of America
Summary
An attempted cyberattack disrupted Cayuga Medical Center's computer systems, prompting a temporary diversion of ambulances and a pause in emergency room admissions for nearly three hours. The hospital isolated affected systems during assessment, leading staff to use manual paper-based methods for patient check-ins, which caused some individuals to leave without treatment. While one patient transfer occurred during the outage, it was reportedly unrelated to the incident. Operational recovery began the same night, with emergency services resuming and diversions ending within hours, though some systems remained offline temporarily. Full operations were restored the following morning, with officials confirming the attack did not successfully penetrate their network despite the service interruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 18, 2025, Cayuga Medical Center experienced operational disruptions following an attempted cyberattack that began Tuesday evening. The hospital implemented a temporary diversion order around 8 p.m., halting new emergency room admissions and redirecting ambulances to other facilities, including Cortland-based hospitals. This diversion remained in effect until approximately 10:45 p.m., during which state protocols required the redirection of stroke and STEMI heart attack patients. Hospital systems were isolated as a containment measure while staff assessed the situation, leading to widespread computer outages. Emergency department personnel resorted to manual paper-based processes for patient check-ins, creating visible operational challenges in waiting areas. By 11:30 p.m., the hospital had transitioned to recovery mode, resuming emergency room admissions and ending ambulance diversions, though some systems remained offline with full restoration anticipated overnight.

The incident caused measurable service interruptions, with multiple emergency room patients leaving without treatment due to extended wait times. Scanner records confirmed at least one ambulance required mid-transport redirection as the diversion took effect. Hospital spokesperson Melissa Tourtellotte clarified that only one patient transfer occurred during the outage, emphasizing this was pre-planned and unrelated to the cyber incident. By 9:20 a.m. on February 19, Cayuga Medical Center restored full operational capacity, with officials confirming the cyberattack had failed to penetrate hospital systems despite the preceding disruptions. No details regarding the attack's origin, methodology, or motives were disclosed during the publicly reported timeline.
