Scripps Health Offers Guidance for Patients During Cyber Outage

By Eric S. Page

While many information-technology systems at Scripps Health remain offline, officials posted some information for patients on the provider’s Facebook page on Wednesday in an effort to keep them informed. and its associated systems went down on May 1. Officials have offered the public little information about the outage since then. On Monday, though, Scripps Health CEO and president Chris Van Gorder distributed a memorandum to staff about the outage, which the California Department of Public Health has described as a ransomware attack. To date, officials have declined to discuss the scope of the attack, including whether Scripps Health is being ransomed by cyberattackers — and, if so, for how much or by whom — nor have they discussed whether patients confidential information has been compromised.

The local health-care provider operates five hospitals in San Diego, along with a series of clinics.

Until this week, the health care provider’s leadership team has largely been silent, with its communications staff sending out few updates on the situation, the early ones coming from what appeared to be employees’ personal Gmail accounts.

Among other updates offered on Facebook on Wednesday:

  • Scripps Health said tele-health visits were still taking place
  • The provider’s pharmacy team is working with outside pharmacies to make sure prescriptions get filled
  • Patients who need medical records are being instructed to contact Scripps in writing with requests, using snail mail
  • Officials said patients with outstanding bills will not be in default, nor will they be considered to be in arrears while the outage continues
  • Finally, there will be a 14-day grace period after systems are back online to get paid up-to-date

Several Facebook users posed questions in response to Scripps’ post on Wednesday, but none were answered by the health-care provider. One poster, though, who said they had a visit Wednesday go “off without a hitch” and urged patience, did hear from Scripps, which replied, “Your support during this time is so appreciated, Cary. Thank you for being part of our Scripps family and sharing this message. ❤”

Scripps has not offered any updates on when it expects its systems to go back online. Visitors to are being told that “Patients or families with questions should contact 1-800-SCRIPPS (800-727-4777). We apologize for any inconvenience.”

Very little is known about what, exactly, Scripps is working on to remedy the outage. In Monday’s memorandum, Van Gorder said that Scripps “immediately engaged outside consultants and experts to assist us in our investigation and other experts to help us restore our systems and get back online as soon as possible.” In reply to a request for information to the Department of Homeland Security, NBC 7 was referred back to Scripps Health.

The cyberattack on Scripps is not the first of its kind in the region, of course. For example, San Ysidro Health, a health care provider with 47 clinics serving 108,000 people, had to notify its community that it was the victim of a cyberattack in late 2020 and that data containing the personal information of patients was compromised. And in September 2018, cyber-crooks hit the Port of San Diego. Hackers breached the Port’s information technology systems and demanded payment in Bitcoin, the agency said, though the amount was not disclosed.

The Justice Department said last month it was forming a task force to deal with the growing problem of ransomware attacks that have impeded hospital operations and caused other chaos nationwide. Last year was the worst to date in terms of the economic toll, with ransom demands to victims averaging over $100,000 and in some cases totaling tens of millions of dollars, according to the Justice Department.

The nation’s largest fuel pipeline restarted operations Wednesday, days after it was forced to shut down by a gang of hackers. The disruption of Colonial Pipeline caused long lines at gas stations in the Southeast due to distribution problems and panic-buying, draining supplies at thousands of gas stations. Bloomberg News reported Thursday that Colonial Pipeline paid a $5 million extortion ransom to the hackers.

Associated Press