Cyber SecurityJanuary 11, 20210Scripps Health Hacked, Further Issues Remain

This particular san diego cyberattack occurred in late April of 2021. This was also a ransomware attack, and these kinds of cyberattacks have been happening more frequently over the past several years. Ransomware is considered one of the deadliest types of malware, or “malicious software.” It is estimated that ransomware attacks will cost the global economy a staggering $265 billion over the next decade.

Scripps Health markets itself as San Diego’s “trusted leader for quality healthcare.” Scripps Health is also not a large corporation, but a large nonprofit. Scripps Health also employs somewhere around 15,000 employees. The system includes not only five hospitals, but 19 outpatient facilities, as well. The organization has previously been ranked multiple times in Forbes Top 100 Places To Work.

The company was first founded in 1924 by philanthropist Ellen Browning Scripps. Scripps was the founding donor for several other major San Diego institutions in the area, including Scripps college. The Scripps Health organization suffered a massive cyberattack several months ago.

This particular san diego cyberattack occurred in late April of 2021. This was also a ransomware attack, and these kinds of cyberattacks have been happening more frequently over the past several years. Ransomware is considered one of the deadliest types of malware, or “malicious software.” It is estimated that ransomware attacks will cost the global economy a staggering $265 billion over the next decade.

 

About The Attack

There are various details about this specific cybersecurity breach that many experts and analysts might consider to be unique. First, the hackers involved in the Scripts Health hack actually stole patient information before launching the hospital cyber attack. The attack rose questions about the overall cybersecurity of the San Diego-based health system.

The Scripps Health cyberattack was first detected on May 1. Cybercriminals attacked Scripps Health by deploying ransomware. The organization decided to suspend access to its online portal and then take their systems offline. The CEO confirmed that health information and personal information was compromised, including names, addresses, and even driver’s license and social security information.

However, it appears as though over 147,000 people may have had their personal information compromised because of the data breach. The health organization’s EHR, luckily, was not affected. Many patients at Scripps hospitals moved to separate facilities once the cybersecurity breach occurred.

 

The Response To The Cyber Attack

The CEO of Scripps Health, Chris Van Gorder, apologized for the cyber attack. He acknowledged that there was “work to be done” regarding cyber protection matters. Gorder also immediately contacted federal law enforcement so that they could investigate the ransomware attack. Gorder originally stated that their physicians and employees were “well-trained” to deal with the

He also thanked physicians and employees for their resilience during the data breach. Gorder also stated that he was working to strengthen safeguards in order to prevent a future cybersecurity breach. Gorder noted that this was one of many cyber attacks in the healthcare sector, citing a Comparitech report that found that there were 92 attacks in 2020 that affected somewhere around 60 separate hospitals, clinics, and health organizations.

 

Gorder also acknowledged that this ransomware attack was even more significant given the fact that it occurred during a pandemic. He was also criticized for not being forthcoming regarding the cybersecurity of the Scripps health system, but Gorder claimed that his silence was due to the fact that there was an ongoing investigation. A former chief information security officer stated that this behavior was “puzzling.” Gorder also would not confirm or deny whether double extortion was involved in the data breach.

 

Further Issues

Since the cyberattack was not contained immediately, there have been many subsequent cybersecurity issues at Scripps Health. The San Diego health system is also facing class action lawsuits from patients who haven’t been able to access their medical information. Another patient complained that he was having issues obtaining “life-changing medication.” The medical personnel were also forced to use paper records at some points.

Patients were also frustrated at the fact that there were changes in appointments and canceled surgeries. The organization also eventually got the system back online and notified patients of further steps they can take to protect their accounts. A hospital employee ended up stealing the personal information of various patients for a COVID-19 related scam. The individual was arrested.

Zach Furness is the director of cybersecurity governance and risk management at Children’s National Hospital, and he pointed out that the healthcare sector was more prone to cybersecurity threats than many other industries. Furness stated: Healthcare has traditionally lagged behind other industries in funding cybersecurity, making them an easy target for exploits, especially ransomware. Add to that the fact that IT infrastructures are stressed due to greater emphasis on remote working and telehealth, and you have a perfect storm.”

 

About Malimar

Malimar Technology Group boasts a group of expert IT professionals and cybersecurity experts to help protect your business from cyberattacks such as the one mentioned above. We can help guide your organization with respect to preventing cyberattacks in the future, and offers seamless remote support to our clients regarding their IT needs.

We are one of the top cybersecurity companies in the San Diego area, and offer services such as server/PC management, strategic IT planning, and server backup solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *