Nonprofit healthcare supplier, Scripps Well being in San Diego, has disclosed a knowledge breach exposing affected person data after struggling a ransomware assault final month.
The healthcare supplier has 5 hospitals and 19 outpost services with over 3,000 affiliate physicians. Yearly, Scripps Well being treats greater than 700,000 sufferers.
On April twenty ninth, Scripps Well being suffered a cyberattack the place risk actors deployed ransomware on their community and encrypt gadgets.
The assault brought about the healthcare supplier to droop their IT methods, together with public-facing portals, together with MyScripps and scripps.org.
Because of the assault, hospitals in Encinitas, La Jolla, San Diego, and Chula Vista not obtained stroke or coronary heart assault sufferers, which had been diverted to different medical services.
Hackers stole affected person information in the course of the assault
On Tuesday, Scripps Well being launched an up to date report on the assault and says that risk actors stole affected person information in the course of the assault.
“The investigation is ongoing, however we decided that an unauthorized individual did achieve entry to our community, deployed malware, and, on April 29, 2021, acquired copies of among the paperwork on our methods,” said an up to date Scripps Well being safety incident discover.
“By Could 10, 2021, we had been capable of entry a restricted variety of paperwork concerned within the incident and, after an intensive evaluate, decided that a few of these paperwork contained sure affected person data.”
“Because the investigation is ongoing, we don’t but know the content material of the rest of paperwork we imagine are concerned, although we’re working with third social gathering consultants to find out these info as shortly as doable.”
When ransomware operations breach a company, they’ll first silently unfold all through the community whereas stealing recordsdata and information. As soon as they achieve entry to a Home windows admin account and the area controller, they deploy the ransomware to encrypt gadgets.
The ransomware gangs then use the stolen information as leverage by saying they’ll launch the stolen information on data leak sites if the sufferer doesn’t pay the ransom.
After investigating the stolen information, Scripps Well being decided that the attackers stole private data for sure sufferers.
“For sure sufferers, this data included a number of of their names, addresses, dates of start, medical insurance data, medical report numbers, affected person account numbers, and/or medical data, comparable to doctor title, date(s) of service, and/or remedy data,” warns Scripps Well being.
“For lower than 2.5% of sufferers, Social Safety numbers and drivers’ license numbers had been additionally affected.”
“Importantly, this incident didn’t end in unauthorized entry to Scripps’ digital medical report software, Epic. Nonetheless, well being data and private monetary data was acquired via different paperwork saved on our community.”
For these sufferers whose information was uncovered, Scripps Well being has begun mailing notification letters on June 1st, 2021.
If the assault uncovered a affected person’s Social Safety or driver’s license numbers, the healthcare supplier additionally offers a free one-year subscription to credit score monitoring and identification safety providers.
It’s unknown which ransomware operation carried out the assault, and not one of the stolen information has been publicly launched presently.