Scripps Health confirms that the cyber attack was via ransomware

Scripps Health has restored access to patients ’medical records, and plans to have its electronic health records later back this week, nearly a month after it was hit for the first time by a ransomware attack.

In a letter to patients Monday, CEO and President Chris Van Gorder acknowledged patients ’frustrations that the San Diego-based health care system was not being communicated enough. But he said they weren’t so transparent because sharing more details put Scripps at an increased risk of more attacks.

“This is not hypothetical; other attacks already use what is reported in the media to send scam communications to our organization,” Van Gorder wrote, also confirming that the cyber attack was in fact via ransomware.

To contain the malware, Scripps has taken a portion of its network offline, disrupting access to the health system’s email servers, patients ’portal and other applications. Patients took to forums such as Facebook and Reddit to express their frustrations with the move to the system to confirm operations, and in some cases, had to delay follow-up care.

One of those patients was Allison Gerber Weisman, 63, who has been suffering from Scripps for more than five years. Shortly after the May 1 attack, her appointment for breast biopsy was canceled, and she was initially unable to reschedule.

“The lack of communication with his patients was the worst part,” Weisman said at the time. “Cyber-attacks happen, but the problem is when they don’t communicate with their patients about what is happening.”

Weisman, after posting several times on Facebook, said she received a call from a Scripps patient care representative who quickly tracked her appointment rescheduling request, and who was able to get her biopsy done. She said the stress of potentially receiving a diagnosis of breast cancer, culminating in navigating a broken down system that had no end point in sight, was very manageable.

“We know this incident has been a problem for our patients, employees and our doctors, and we are really sorry,” Van Gorder wrote.

Patients will be able to access their MyScripps health portal even later this week. Scripps also works with federal law enforcement and its own IT teams work 24 hours a day.

Health systems around the country are increasingly under attack from hackers, in part because there are many employees accessing remote IT systems, and system security has historically taken a brunt to other priorities. .

Source link

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button