Scripps Health's CEO on Monday confirmed that the attack on its computer systems involved ransomware and that a federal investigation is under way.
The health-care system's information systems came under attack on May 1, prompting the rescheduling of some services. In the past week, some of its technology elements -- both internal and external -- have come back online, including portions of the Scripps.org website, though not the patient portal.
Up until Monday, Scripps would only say that it was the victim of a malware attack.
"We are continuing to investigate the incident, which I can confirm involved ransomware," Scripps Health CEO Chris Van Gorder said in a statement sent out via email and posted on social media on Monday. "We reported this to federal law enforcement, and continue to support their investigation as well."
Van Gorder also stated that providing too much information to the public during the outage would have put the health-care provider at "increased risk."
"We know the last few weeks have been difficult for our community members, and at times it may have seemed like we weren't communicating enough," Van Gorder stated. "Sharing the details of the work we've been doing puts Scripps at an increased risk of coming under further attack," adding that "Other attackers are already using what is being reported in the media to send scam communications to our organization."
Scripps Health did not say whom the cyber crooks were, nor did he specify how much the ransom was being sought. Officials have also not said if any private patient information was compromised.
The company said it expects electronic health records to be back online later this week.
Read Van Gorder's full statement below:
I want to provide an update for you about Scripps’ continued response to our recent cyber incident. We know the last few weeks have been difficult for our community members, and at times it may have seemed like we weren’t communicating enough. We care deeply about our relationship with you and all of our patients, and I am sorry this has caused frustration.
In our current situation, openly sharing the details of the work we have been doing puts Scripps at an increased risk of coming under further attack, and of not being able to restore our systems safely and as quickly as possible for you. This is not hypothetical. Other attackers are already using what is being reported in the media to send scam communications to our organization. I know that, for some of you, the reasons why we haven’t provided more frequent updates may not matter. But it was important for me to share and assure you that our patients’, employees’, and physicians’ safety and security are our constant guides.
That being said, we are now at a point where we can share some additional updates. We are continuing to investigate the incident, which I can confirm involved ransomware. We reported this to federal law enforcement, and continue to support their investigation as well. Our IT teams and outside consultants are literally working around the clock to restore our systems. Rest assured, we have thorough backups and are using them to help our restoration efforts. Even so, there is no "easy button."
We continue to make progress. When you come in for care, your medical history is again at our fingertips electronically, and we’ve increased capacity at our internal call center to help answer patients’ questions. In addition, we anticipate our electronic health record will be back online the latter part of this week, including your ability to log into your MyScripps account to see your health care information. While this progress is meaningful, there is work left to be done. We look forward to building on these efforts and restoring the remaining Scripps systems as soon as possible.
In the meantime, as always, providing you with exceptional health care is our number one priority, so please don’t hesitate to come in for needed care.
We know that this incident has been a hardship for our patients, our employees, and our physicians, and we are truly sorry.
Thank you again for your patience and understanding during this challenging time. We are committed to continuing to serve you and our community and will continue to provide you with updates.