The CommonSpirit ransomware assault: 1 yr later

One yr in the past, on Oct. 2, 2022, Chicago-based CommonSpirit Well being detected a ransomware assault on its IT community.

The fallout led to ambulances being diverted and sufferers being turned away from appointments and an estimated $160 million in prices for the 143-hospital system.

Initially, well being system officers scrambled to include the assault, taking IT programs offline and inflicting workers at some hospitals to modify to paper data. Appointments and surgical procedures needed to be canceled. CommonSpirit did not publicly disclose it had been a sufferer of ransomware till 10 days later, on Oct. 12. It took a number of weeks to convey EHRs again on-line.

Whereas hackers did not acquire knowledge immediately from CommonSpirit EHRs, they copied people’ info from two file-share servers, the well being system said. It took CommonSpirit greater than 5 months to find out what knowledge was affected, requiring a “time-consuming review of each individual file on each file server.”

The affected knowledge included private figuring out info, together with Social Safety numbers for a small variety of folks, and analysis and remedy info.

Dozens of hospitals throughout 13 states, and tons of of hundreds of patientshave been affected. The Catholic well being system estimated a $160 million loss from the cyberattack however nonetheless does not understand how a lot will likely be recovered by insurance coverage. Like different well being programs concerned in cyberattacks, CommonSpirit has faced a number of class-action lawsuits over the occasion.

“There can be no assurance that the resolution of this matter will not affect the financial condition or operation of CommonSpirit, taken as a whole,” the well being system stated in an annual report revealed in September.

In the meantime, ransomware assaults continue at hospitals and well being programs across the nation, although one analyst noted that it might be arduous for 2023’s numbers to overhaul 2022 due to the breadth of the CommonSpirit assault. Healthcare knowledge breaches total, nonetheless, are up. CommonSpirit was even caught up in what could also be this yr’s largest hack (although indirectly).

Date: 2023-10-02 11:02:45

Source link



Related articles

Alina A, Toronto
Alina A, Toronto
Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.


Please enter your comment!
Please enter your name here