CommonSpirit Health, one of the largest health systems in the country was recently hit with a devastating ransomware attack. The Chicago-based health system operates 142 hospitals and over 2,200 sites of care within 21 states. The attack has caused system interruptions and ongoing IT outages across several states including Nebraska, Tennessee, Texas, Washington, and Iowa. The attack has affected CHI Health facilities in Nebraska and Tennessee, Seattle-based Virginia Mason Franciscan Health providers, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health, and Michigan-based Trinity Health System–all of which are subsidiary hospitals under CommonSpirit.
CommonSpirit is not alone in being targeted by ransomware attacks. In 2019, there were nearly 4,000 ransomware attacks on healthcare organizations around the world. The WannaCry attack in 2017 was responsible for causing disruptions at hundreds of hospitals in the UK. And just last month, a ransomware attack forced the shutdown of operations at Livingston Community Health in California.
While CommonSpirit has not released many details about the ongoing IT issues they are facing, it’s clear that this attack has had a significant impact on their operations. Hospitals and other healthcare providers are especially vulnerable to these types of attacks because of the high number of systems and devices they have to manage. In addition, many healthcare organizations still use outdated software and hardware that make them even more susceptible to attack.
After the attack, millions of patients had to wait 2 weeks before being informed if their information was breached in the attack. Additionally, many procedures and surgeries had to be postponed with equipment not being functional. This attack further highlights the need to prioritize cybersecurity measures and enforcement on our country’s critical infrastructure.
Ransomware attacks are becoming increasingly common and healthcare organizations are among the most vulnerable to these types of attacks. CommonSpirit Health is one of the latest victims of a ransomware attack that has caused system disruptions across multiple states. It’s important for all healthcare organizations to be aware of the threat posed by these types of attacks and take steps to protect themselves accordingly.