Ransomware Attack on Scripps Health Disrupts Patient Care

The San Diego-based healthcare provider Scripps Health suffered a cyberattack on May 1, 2021 which forced it to take its information technology systems offline. Scripps Health operates four hospitals in the San Diego area and has been able to continue to provide care to patients; however, stroke, heart attack, and trauma patients seeking emergency treatment at all four of its hospitals in Encinitas, La Jolla, San Diego, and Chula Vista were diverted to alternative facilities as a precautionary measure.

Scripps Health issued a statement confirming its outpatient urgent care centers, Scripps HealthExpress locations, and emergency departments do remain open, and staff are continuing to care for patients. While information technology systems are down, including its online portal, Scripps Health is operating on established backup processes and is using offline documentation methods. Patient safety has not been put at risk.

It is unclear when it will be possible to bring systems back online, so the decision has been taken to postpone some patient appointments for Monday and later this week.

Scripps Health has not disclosed full details about the nature of the attack, but local media outlets are reporting this as a ransomware attack. Scripps Health and its technical teams are working around the clock to restore systems and resolve all issues resulting from the attack.

Midwest Transplant Network Suffers Suspected Ransomware Attack

The Midwest Transplant Network has also announced it was the victim of a cyberattack. On April 30, 2021, the Westwood, KS-based healthcare provider confirmed that its IT department and third-party security experts have been working round the clock to stop and remove the threat and determine the extent to which patient data has been compromised.

While it is possible that patient information was accessed, the investigation into the breach has not uncovered any evidence to suggest any patient information was exfiltrated by the attackers. Patients are being notified by mail if they have potentially been affected.

Midwest Transplant Network said that throughout the incident it was able to continue its mission through organ, eye, and tissue donation. Up to 17,600 individuals are understood to have potentially had their protected health information exposed.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.