SAN DIEGO (CNS) – A weekend cyberattack that left many of Scripps Health’s computer systems down continued to plague the San Diego-based healthcare system Monday, with no timeline for recovery, creating uncertainty for many people with upcoming appointments.
According to a statement posted on its social media pages, Scripps technical teams were working to resolve the “information technology security incident” first detected late Saturday.
Details on the nature of the attack were not disclosed, though Scripps indicated it has notified law enforcement “and the appropriate governmental organizations.”
Scripps issued an updated statement Monday regarding the attack, saying its outpatient facilities remain open, and the company is continuing to reach out to patients whose appointments require rescheduling.
“As Scripps Health continues to address the cyberattack from this past weekend, our facilities remain open for patient care, including our hospitals, emergency departments, urgent care centers, Scripps HealthExpress locations and other outpatient facilities,” the statement read. “Our technical teams and vendor partners are working tirelessly to resolve issues related to the cyberattack as quickly as possible.”
Scripps said some Monday appointments were postponed as a result and it was working to contact other affected patients.
“Patients who have appointments scheduled during the next several days and are unsure about their status may call 1-800-SCRIPPS for more information. Our patients’ health and safety remain our top priorities and we are making every effort to ensure they continue to receive needed care in the most efficient and clinically appropriate way possible.”
The healthcare system’s website remained down as of Monday afternoon.
On Scripps Health’s social media pages, many users left comments asking whether or not their appointments scheduled for this week would be postponed in the wake of the attack. A Scripps Health representative responding to the comments indicated users would be informed via private messages on how to proceed.
One user asked whether they should be concerned over their personal information being compromised due to the attack.
A Scripps representative responded, “We are still in the process of assessing the extent of this attack. If any of our patients’ information was compromised, we will be reaching out to them.”
“All of the tactics sound exactly like a ransomware attack,” Daniel Libby, CEO and founder of Cyber Forensic Laboratory, told FOX 5.
Libby says ransomware attacks are a billion-dollar industry and companies that rely on public trust are most often the target. He says it’s fairly easy for hackers to breach a server. It starts with what’s called “social engineering” — getting someone to click on a poisoned file, then they infect the network and encrypt all the data.
“I spend a couple hours, I do a profile of you. I send you an email. I get you to click on the document and boom, I’m in. I can do anything I want once inside your network.”
Libby compares it to kidnapping. Once the server is locked up, a demand for ransom is made — but it does not always end well.
“I will tell you 57% of the companies that are affected by this pay the ransom,” Libby said. “Of that, 17% are never honored.”
“I guarantee that whatever organization is infected by this, their IT staff is working 24/7 to try and remedy the situation, identify the malware, get the malware or ransomware off the network and then try to restore the data that’s being held hostage,” Libby added.
Copyright 2021, City News Service, Inc.