A Californian hospital operator has made the move to take is network offline after it was hit by a major cyberattack.
Reports state that the Scripps Health computer network that operates across half a dozen hospitals and a number of outpatient facilities in the San Diego, California area was forced to move to offline procedures after hackers launched a major cyberattack.
The Californian hospital operator says it has contacted law enforcement and government agencies of the cyberattack, but failed to mention specifics of the departments it has informed of the potential data breach.
It’s understood that the move to offline operating has meant that its employees and health care practitioners have been unable to access the organisation’s portals and programs.
Scripps Health’s CEO, Chris Van Gorder has confirmed the cyberattack has occurred, but refused to offer up any more details of the incident while it is being investigated.
It remains unknown whether or not the cyberattack was, in one form or another, a ransomware attack, where hackers essentially lock-up a victim’s information until a ransom is paid, usually in the form of cryptocurrency.
In the context of hospital operators and healthcare providers, cybercriminals often target organisations like these due to the sensitive – and lucrative – nature of the data they have access to, which can be shared and re-sold for a profit for use in other cyberattacks and extortion attempts.
Hospital Operator Takes Network Offline After Major Cyberattack
According to a report from Newsweek, “some patients with life-threatening conditions were taken to other hospitals in what appeared to be a cautionary step as Scripps Health responded to the cyberattack.”
A San Diego County official has said that medical service needs will “continue to be met in San Diego County while Scripps Health recovers from a weekend cyberattack.”
That official continued to explain that “the emergency healthcare system is less stressed now than it was during the heights of COVID, and the public should be assured that emergency response needs are being met.”
The hospital operator and healthcare provider says that even in the face and aftermath of a major cyberattack, patient care “continues to be delivered safely and effectively.”
The healthcare provider wrote in a statement on its Twitter account that “Scripps Health experienced an information technology security incident detected on late May 1, 2021. As a result of this, we suspended user access to our information technology applications related to operations at our health care facilities, including MyScripps and scripps.org.”
“While our information technology applications are offline, patient care continues to be delivered safely and effectively at our facilities, utilizing established back-up processes, including offline documentation methods.”
At the time of publishing, the hospital operator’s website remains offline after the major cyberattack.
Scripps says that emergency care departments remain open and accessible to anyone that needs it, but a number of other appointments are being rescheduled in the aftermath of the cyberattack.
The threat of cyberattacks being launched against healthcare providers is so severe that even the U.S. Department of Homeland Security has categorised them as a “threat to national security.”
Research indicates that hospital operators and healthcare providers will remain one of the most attractive targets for cybercriminals who are looking to access and exploit personal health information (PHI).