Tri-City Healthcare in North County San Diego was the victim of a ransomware attack that halted the facility's ability to accept patients Thursday, a source told NBC 7.
Tri-City, which has a medical center located in Oceanside, California, placed itself on an Internal Disaster Diversion with San Diego County's Office of Emergency Services, county officials confirmed.
"This means the hospital cannot accept any patients through the 911 system because of a critical disruption of the ability to provide medical services," the county said.
Ambulances are being rerouted to different hospitals, and pending operations and appointments have to be rescheduled. The hospital is, for now, still caring for some walk-in patients with emergencies. It is unclear when the issue will be resolved.
Get San Diego local news, weather forecasts, sports and lifestyle stories to your inbox. Sign up for NBC San Diego newsletters.
An Internal Disaster Diversion can be initiated due to structural failures, infrastructure, disruptions or health and safety threats, according to a county health and safety code update in July 2021.
Tri-City spokesperson Aaron Byzak said staff noticed a security breach at around 7 a.m. Thursday. Internal and external internet technicians, along with unidentified law enforcement experts, have been investigating the breach since, Byzak said.
Local
Byzak confirmed there was a security breach but did not specify if it was ransomware, which the FBI describes as malicious software that prevents, the hospital in this case, from accessing computer files, systems or networks until a ransom is paid.
The North County medical center recently announced a partnership with UC San Diego Health, which was set to take over the healthcare facility's operations next March.
UC San Diego was itself a victim of a data breach in 2021. In that incident, employee email accounts were targeted that may have contained personal information about patients, students and employees. UCSD Health said patient care was otherwise unaffected.
About 147,000 patients were likely affected by a ransomware attack on Scripps Health in 2021. The healthcare system agreed to a class-action settlement a year later. And, in 2020, San Ysidro Health was hit by a similar attack that compromised patient information.
This is a developing story and will be updated. Details may change as information becomes available.
