On the 1st of June 2021, the nonprofit healthcare provider Scripps Health announced that it had experienced a data breach involving the personal and financial information of more than 147,000 patients, staff, and physicians. In an email notifying patients of the incident, Scripps Health stated that on the 1st of May 2021 an unauthorized user had gained access to its network and taken copies of documents containing personal and financial information before deploying ransomware that took its systems offline.
“For certain patients, this information included one or more of their names, addresses, dates of birth, health insurance information, medical record numbers, patient account numbers, and/or clinical information, such as physician name, date(s) of service, and/or treatment information,” warns Scripps Health.
The ransomware attack caused the healthcare provider to suspend its IT systems, including the public-facing portals MyScripps and scripps.org. As a result, Scripps Health decided to divert critical patients (stroke, heart attack, and trauma patients) to other facilities, and some non-urgent appointments were delayed in the days following the attack.
Scripps Health made clear that the incident “did not result in unauthorized access to Scripps’ electronic medical record application, Epic. However, health information and personal financial information was acquired through other documents stored on our network”. Although less than 2.5% of patients had their Social Security numbers and driver’s license numbers affected, the healthcare provider has offered a free one-year subscription to credit monitoring and identity protection services to those who were affected.
Currently it is unknown which ransomware group is responsible for conducting the attack, and none of the stolen data has been publicly released yet.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.