Picture credit: Widespread Spirit
CommonSpirit, the second-largest nonprofit hospital chain in the US, has confirmed a cybersecurity incident that’s disrupting medical providers nationwide.
In a transient assertionChicago-based CommonSpirit stated the “info safety problem” impacted some CommonSpirit services and a few affected person appointments have been postponed consequently.
“CommonSpirit Well being is coping with an info safety problem that’s impacting a few of our services,” stated the hospital big, which operates greater than 700 care websites and 142 hospitals in 21 states. “As a precaution, we’ve got taken some laptop programs offline, which can embody the digital well being report and different programs.”
“Our services observe current protocols for system outages and take steps to attenuate disruption. We take our accountability to make sure the safety of our IT programs very critically. As a consequence of this problem, we’ve got postponed some affected person appointments. Sufferers can be contacted instantly by their supplier and/or healthcare facility if their appointment is impacted.
CommonSpirit has not but confirmed the character of the safety incident, and it’s unclear whether or not affected person info or well being information was compromised. When contacted, CommonSpirit spokesperson Chad Burns declined to remark past the group’s assertion.
The extent of the disruption attributable to this downside is starting to change into obvious. CHI Well being, a Nebraska-based subsidiary of CommonSpirit, reported outages in its Omaha hospitals, and MercyOne Des Moines Medical Heart has shut a few of its laptop programs, together with entry to its digital well being data.
In July, the US cybersecurity company CISA, the FBI and the US Treasury warned in a joint declaration that North Korean-backed hackers have been concentrating on healthcare and public well being organizations throughout the US with ransomware.
This warning follows a sequence of high-profile assaults on US well being programs, together with College Medical Heart Southern Nevada, Eskenazi Well being and Kaiser Permanente. In keeping with Brett Callow, menace analyst at Emsisoft, at the least 15 U.S. well being programs working 61 hospitals throughout the nation have been hit by ransomware to date in 2022. In at the least 12 of those incidents, delicate information, together with together with private well being info (PHI), was compromised.