Scripps Health Ransomware Attack Affects 147,000 Individuals

Scripps Health, the 2nd biggest healthcare organization in San Diego, has commenced delivering breach notification letters to 147,267 individuals to inform them regarding the theft of their private and health information because of a ransomware attack on May 1, 2021.

The attack pushed Scripps Health to undertake its EHR downtime processes because its systems were not accessible online. Personnel at its medical clinics and hospitals were made to refer to paper charts as systems were repaired and records were restored. That course of action took more or less a month when access to vital patient data like test findings was blocked. Scripps Health merely obtained the potential to make new files a week ago when the MyScripps patient website was recovered on the internet.

The attack impacted numerous of the healthcare provider’s care websites and prompted interruption to procedures at two of its hospitals. Scripps Health decided to redirect a number of critical patients to other establishments, with all four of its primary hospitals set on emergency care diversion for heart attack, trauma, and stroke patients. Many non-urgent visits at the same time had to be deferred in the days after the attack.

Scripps Health stated its principal Epic medical record system had not been breached, although before the ransomware deployment the threat actors got records that included patient information like names, dates of birth, addresses, medical insurance details, patient account numbers, medical record numbers, and a number of clinical data, for instance, physicians’ names, dates of service, and treatment details. The attackers additionally acquired the Driver’s License Numbers And/or Social Security Numbers of about 3,700 people. FreeFree credit monitoring and identity protection support services are being given to those persons.

Scripps Health has started a manual evaluation of the records breached in the attack and mentioned that it is a time-intensive procedure that will most likely take a few months. It isn’t yet known what are the rest of the information the documents have, reported Scripps Health in its statement concerning the attack and stated notification letters are being delivered to impacted people right away.

It is sad that a lot of health care establishments are struggling with the effects of a growing cyber threat environment. Nevertheless, Scripps is implementing enhancements to our data security, systems, and checking functionalities. It is likewise working directly with federal authorities to support the continuing investigation.