por
John R. Fischer, Senior Reporter | April 12, 2023
A cyberattack in late 2022 may have affected hundreds of current and former CommonSpirit facilities.
A cyberattack in late 2022 may have affected over 100 CommonSpirit Health facilities across 13 states.
An unauthorized third-party who gained access to the network between Sept. 16 and Oct. 3 was behind the attack, and while they did not access the organization’s EHR system, they did obtain files from two servers containing data on patients, including names, addresses, dates of birth, dates of service, medical record numbers, provider names, diagnosis and treatment information, and health insurance information.
The healthcare system previously said the attack potentially affected just St. Luke’s Diagnostic Heart Center, in Houston, and Virginia Mason Franciscan Health. in Seattle. It now says it may have impacted 21 organizations in Texas, 14 in Nebraska, 14 in North Dakota, 13 in Kentucky, 10 in Washington state, six in Arkansas, six in Minnesota, five in Tennessee, five in Ohio, four in Oregon, three in Georgia, three in Iowa, and one in Pennsylvania.
Ad Statistics
Times Displayed: 15617
Times Visited: 435 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
“Upon discovering the ransomware attack, CommonSpirit quickly mobilized to protect its systems, contain the incident, begin an investigation, and maintain continuity of care. In addition, CommonSpirit notified law enforcement,” said the healthcare system in a statement.
Back in December, CommonSpirit told regulators that the attack compromised the information of more than 624,000 people.
Damages were over $150 million, including in revenue lost from interrupted access to medical records and delayed care in multiple regions last year. Operations did not return to normal for over a month.
An investigation was launched and completed on February 21, 2023.
CommonSpirit began notifying patients impacted on April 6.