Major healthcare system impacted by “cyber incident.”

Ascension, a health system with 140 hospitals in 19 states and Washington, D.C., and tens of thousands of employees and affiliated providers, detected a “cybersecurity event” on Wednesday that resulted in a “disruption to clinical operations,” the company said.

Severe impacts on medical care were reported in several states, including Kansas, Florida and Michigan, including the diversion of some patients to other hospitals and a lack of access to digital records.

“We have to write everything down on paper,” a doctor in Michigan told the Detroit Free Press. “It’s like the 1980s or 1990s.”

The attack comes as lawmakers and federal regulators continue to grapple with the fallout from the February attack on Change Healthcare, which the company estimates likely exposed private data of “a significant portion” of Americans.

The company admitted to paying $22 million to ransomware group ALPHV before the group shut down its website. The disgruntled partner, who claimed to have worked with ALPHV to carry out the attack before being cut out of the proceeds, subsequently leaked 4 terabytes of the data to another extortion site.

The Change Healthcare situation has renewed calls for minimum cybersecurity standards in the hospital sector, a proposal industry groups have vowed against.

According to cybersecurity firm Emsisoft, healthcare is one of the most frequently targeted sectors by ransomware operators, likely because attackers know that disruptions to medical services and care cannot be sustained for long and operators may be more likely to pay extortion.