Scripps enters fourth week of ransomware attack
CEO says access to electronic medical records should be restored by week’s end
Scripps Health hopes to restore full electronic medical record capabilities, including resumption of its MyScripps patient portal, in “the latter part of this week,” according to an update sent to patients by its chief executive officer Monday afternoon, May 24.
For the first time, Chris Van Gorder, Scripps’ CEO, acknowledged in writing that the cyberattack his organization suffered on May 1 was ransomware, a fact confirmed May 2 in The San Diego Union-Tribune.
So far, Scripps has not specified the amount of ransom that hackers demanded nor whether it paid the cyber extortionists.
It was the most significant update on the situation at Scripps in weeks and came as the region’s second-largest medical provider enters the fourth-straight week of an attack that snarled the organization’s digital resources from scheduling to patient care, forcing many to reschedule appointments while front-line medical professionals are forced to document their care in paper charts.
“We know that this incident has been a hardship for our patients, our employees and our physicians, and we are truly sorry,” Van Gorder’s letter said.
He added that Scripps’ silence on the origin and depth of the attack has been necessary.
“In our current situation, openly sharing the details of the work we have been doing puts Scripps at an increased risk of coming under further attack, and of not being able to restore our systems safely and as quickly as possible for you,” Van Gorder said. “This is not hypothetical.
“Other attackers are already using what is being reported in the media to send scam communications to our organization.”
Staff members have been reporting for weeks that the current situation has created significant strain.
Last week, sources inside the organization confirmed that Scripps regained read-only access to electronic medical records created prior to May 1, though only for those who were already patients.
An emergency room nurse at one of Scripps’ four hospitals said Monday, May 24, that after working through the weekend, lab reports, X-ray images and other information still is not flowing quickly, resulting in long waits for patients and for ambulance crews delivering patients with serious injuries.
“We operate physically tired, that’s standard, but now we are mentally exhausted,” the nurse said. “Just like driving, when you are exhausted, it is dangerous.
“Someone will make a mistake and someone will get hurt.”
Steve Bernitz of Encinitas said he had not yet received the communique from Scripps’ top boss but, after reading it, said he found the logic “fuzzy” given that Scripps’ systems have been offline for nearly a month.
“I fail to see how some transparency would help other hackers break into their systems,” Bernitz said.
In need of back surgery, he said the outage has slowed the insurance approval process and thus progress toward dealing with debilitating pain.
“The approval is slowed by unavailability of medical records, and the insurance companies won’t take paper or faxed submissions,” he said. “It feels like a conspiracy some days.
“It’s been almost a month, and I have lots of pain, but not a lot of approvals for treatment.”
Scripps patients who are currently feeling fine have not been spared anxiety. It remains unclear whether or not hackers made off with private patient information, and Scripps’ latest statement did not clarify the matter.
Ransomware sites commonly used to publish stolen records when their victims choose to rebuild from backups rather than pay up so far do not show any mention of the incident.
An internal memo obtained by the Union-Tribune in early May indicated that ransomware also managed to infect Scripps’ backup servers in Arizona, but Van Gorder assured patients in Monday’s letter that a clean record of the data in its medical records system was preserved.
“Rest assured, we have thorough backups and are using them to help our restoration efforts,” Van Gorder said. “Even so, there is no ‘easy button.’”
Get the RSF Review weekly in your inbox
Latest news from Rancho Santa Fe every Thursday for free
You may occasionally receive promotional content from the Rancho Santa Fe Review.