Healthcare system Scripps Health has alerted nearly 150,000 individuals regarding the security of their private information that was compromised due to a ransomware attack that struck the organization on May 1.

Huge array of patients and individuals notified by Scripps Health:

Scripps Health is a nonprofit health care system based in San Diego, California. The system includes five hospitals and 19 outpatient facilities and treats a half-million patients annually through 2,600 affiliated physicians. The system also includes clinical research and medical education programs.

According to the statements provided by the healthcare organization, it has been noted that they have initiated an alert notification procedure where approximately 147,000  are being recommended to protect their data related to the organization.

Out of these 147,000 individuals, near 3,700 had their vital, sensitive data such as Social Security or driver’s license numbers compromised. For such critically impacted victims, the organization will offer complimentary credit monitoring and identity protection support services. 

However, the healthcare organization provides that it is unclear whether the stolen data has been mal-utilized or tampered with to commit fraud or other illegal activities.

Highly critical data stolen from Epic:

As an aftermath of the ransomware attack, Scripps health saw that its medical professionals of all levels had to document their official data, medical paperwork on physical paper charts.

Access to important information, such as previous test results, was unavailable for weeks, and Scripps facilities did not begin regaining the ability to create new digital records until late last week when the organization’s MyScripps patient portal also returned to service.

According to Scripps Health, the threat actors had gained unauthorized access to its network and stole some copies of their records prior to deploying the ransomware.

They were also rendered unable to access Epic which is their primary electronic health care records repository.

This is especially concerning since the medical repository contains highly sensitive medical patient data from doctor progress notes documenting care delivered to test results.

The data that was reportedly stolen or access from the Epic repository contained a wide array of records such as addresses, dates of birth, health insurance information, medical record numbers, patient account numbers, and clinical information such as physicians’ names, dates of service, and/or treatment.

Since investigations are still underway, details of the ransomware attack such as which systems the information was taken from or how did they know that Epic was not compromised remain undisclosed.

“We do not yet know the content of the remainder of documents we believe are involved,” Scripps said. “We have kicked off an extensive manual review of those documents.

“This is a time-intensive process that will likely take several months, but we will notify affected individuals and entities as quickly as possible in accordance with applicable regulatory requirements.”

Healthcare industry- a primary ransomware target:

It is concerning to observe that health care systems, especially significant ones, are increasingly becoming prey to ransomware attacks, even with the typical security measures in place and implemented.

Medical information and data are extremely sensitive and confidential pieces of information and it is important for not only healthcare but all organization to take intensive care while handling such data.