Scripps Health Ransomware Attack Impacts 147,000 Patients

Scripps Health, the second-largest healthcare provider in San Diego, has begun mailing breach notification letters to 147,267 patients to let them know about the theft of some of their personal and health information due to a ransomware attack on May 1, 2021.

The attack compelled Scripps Health to follow its EHR downtime measures with its systems that were not available online. Employees at its medical offices and hospitals were compelled to use paper charts while systems were resolved and information was brought back. That process has taken about a month, during which access to crucial patient details including test results was prevented. Scripps Health just obtained the capability to create new records last week when the MyScripps patient site was restored online.

The attack had an impact on numerous healthcare provider’s care portals and resulted in disruption to operations at two of its four hospitals. Scripps Health made the decision to bring a few critical patients to other facilities, with all four of its major hospitals put on emergency care diversion for heart attack, stroke, and trauma patients. A number of non-urgent consultations likewise had to be postponed in the days subsequent to the attack.

Scripps Health stated its primary Epic medical record system wasn’t compromised, however prior to the ransomware deployment the attackers got files that had patient data such as names, birth dates, addresses, health insurance data, medical record numbers, patient account numbers, and certain clinical details like doctors’ names, dates of service, and treatment data. The hackers also obtained the Social Security numbers and/or driver’s license numbers of approximately 3,700 individuals. Complimentary credit monitoring and identity protection support services are being provided to those people.

Scripps Health has begun a manual analysis of the documents exposed in the attack and mentioned that it is a time-intensive step that will probably take a number of months. It is not yet known what is the remainder of the content the documents hold, stated Scripps Health in a statement regarding the attack and mentioned notification letters are being mailed to affected individuals immediately.

It is dismal that a lot of health care companies are facing the impacts of a changing cyber threat landscape. But Scripps is continuing to carry out improvements to our data security, systems, and tracking capabilities. It is also working closely with federal law enforcement to help the current investigation.