Health IT, Hospitals

Scripps Health IT applications pushed offline following cyberattack

The San Diego-based health system experienced a cyberattack on Saturday, following which it suspended user access to several IT applications, including its patient portal. Though it is not clear if patient data was compromised, care services were affected, with the system having to reschedule some appointments and revert to paper records.

Data breach, cybersecurity, hacking,

After experiencing a cyberattack on Saturday, Scripps Health suspended access to several IT applications well into Monday and rescheduled some patient appointments.

The security incident was detected late on Saturday, said Keith Darce, a spokesman at San Diego-based Scripps Health, in an email. The health system suspended user access to various IT applications, including its website and MyScripps patient portal — both of which remained inaccessible until Monday afternoon.

“Our technical teams and vendor partners are working tirelessly to resolve issues related to the cyberattack as quickly as possible,” Darce said.

Scripps Health facilities, including its hospitals, emergency departments, urgent care centers and other outpatient facilities, are open for patient care, though some are relying on established backup processes like “offline documentation methods,” Darce said.

In addition, several appointments scheduled for Sunday and Monday were postponed.

Scripps Health’s official statement did not indicate what type of cyberattack it experienced. But, according to an internal memo obtained by The San Diego Union-Tribune, it was a ransomware attack that impacted systems in two of Scripps’ four hospitals, disrupting patient care, including the electronic monitoring of vital signs.

Further, all Scripps Health hospitals began diverting stroke and heart attack patients to other facilities when possible over the weekend, The San Diego Union-Tribune reported. Scripps did not confirm the diversions.

The Scripps Health cybersecurity incident comes on the heels of a number of similar attacks among providers. Major data breaches were discovered at Livonia, Michigan-based Trinity Health, Pittsburgh-based UPMC and Omaha-based Nebraska Medicine earlier this year. Though it is unclear if patient data was compromised at Scripps Health, the string of cybercrime reports reinforces how challenging IT security continues to be for providers — especially during the Covid-19 pandemic.

The pandemic increased healthcare’s dependency on IT tools, not only because of the rising popularity of services like telehealth but also because of the move to remote work. These trends heightened the risk of cybercrime in several ways, including increasing the ports of entry for cybercriminals.

“To protect themselves and their patients, healthcare organizations must adopt a true culture of security that includes a holistic approach to how risk is identified and mitigated, starting with education and extending into adoption of security best practices, continuous monitoring and regular testing to ensure that no gaps have been missed,” said Chris Clements, vice president of solutions architecture at cybersecurity firm Cerberus Sentinel, in an email.

Specifically, providers must become more diligent about securing their applications, including patient portals, with protocols like multi-factor authentication, said Erich Kron, security awareness advocate at KnowBe4, a provider of security training solutions, in an email.

Organizations should also provide frequent security awareness training to their employees to help them spot and report email phishing attacks, he said.

Photo: JuSun, Getty Images