“A ransomware attack has caused a health care chain, which operates 30 hospitals in six states, to move patients from some of its emergency rooms to other hospitals, while putting certain procedures on pause, the company announced.

According to a statement from Ardent Health Services, the attack happened on November 23. The company said as a result of the attack, it took its network offline and suspended user access to its information technology applications, including the software used to document patient care.

As of Tuesday afternoon, the company says about half of Ardent’s 25 emergency rooms were still operating on “divert,” meaning the hospitals have asked ambulances to take those needing emergency care to other facilities in their areas, Ardent spokesperson Will Roberts told the Associated Press.”