Scripps Health Ransomware Attack Impacts 147,000 Patients

Scripps Health, the second-largest healthcare provider in San Diego, has begun mailing breach notification letters to 147,267 patients to let them know about the theft of some of their personal and health information due to a ransomware attack on May 1, 2021.

The attack forced Scripps Health to follow its EHR downtime measures while its systems were offline. Employees at its medical offices and hospitals had to use paper charts while systems were restored and information was recovered. That process has taken about a month, during which crucial patient details, including test results, could not be accessed. Scripps Health only regained the capability to create new records last week, when the MyScripps patient site was restored online.

The attack affected numerous care portals of the healthcare provider and disrupted operations at two of its four hospitals. Scripps Health decided to transfer a few critical patients to other facilities, and all four of its major hospitals were put on emergency care diversion for heart attack, stroke, and trauma patients. A number of non-urgent consultations also had to be postponed in the days following the attack.

Scripps Health stated that its primary Epic medical record system wasn’t compromised. However, before deploying the ransomware, the attackers obtained files containing patient data such as names, birth dates, addresses, health insurance data, medical record numbers, patient account numbers, and certain clinical details like doctors’ names, dates of service, and treatment data. The hackers also obtained the Social Security numbers and/or driver’s license numbers of approximately 3,700 individuals. Complimentary credit monitoring and identity protection support services are being provided to those people.

Scripps Health has begun a manual analysis of the documents exposed in the attack and said that it is a time-intensive step that will probably take a number of months. In a statement regarding the attack, Scripps Health said it is not yet known what else the documents contain and that notification letters are being mailed to affected individuals immediately.

It is unfortunate that many healthcare organizations are facing the impacts of a changing cyber threat landscape. Scripps is continuing to carry out improvements to its data security, systems, and tracking capabilities. It is also working closely with federal law enforcement to assist the ongoing investigation.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism.