CommonSpirit, CHI St. Joseph still dealing with after effects of ransomware attack

Nearly two weeks ago, a cybersecurity breach at CommonSpirit, the parent company of CHI Saint Joseph Hospitals, exposed the healthcare system’s records.
Published: Oct. 18, 2022 at 10:30 PM EDT

LEXINGTON, Ky. (WKYT) - A major healthcare provider in the U.S. is still working to recover from a ransomware attack earlier this month.

CommonSpirit, which has 142 facilities in 21 states, says the cyber attack knocked systems offline, and has caused disruptions to patient care.

The attack has impacted services at CHI Saint Joseph.

“We’ve seen in this case where a number of surgeries had to be rescheduled. People are being turned away, getting sent to different hospitals,” said Ken Westin, the director of security strategy at Cybereason.

Westin says the healthcare industry as a whole is very vulnerable. A report from cybersecurity firm CrowdStrike shows a 50 percent increase in attacks, with the most notable increases among health institutions.

Last year 45 million people were affected by healthcare attacks on 68 providers, up from 34 million in 2020.

“We should know that these ransom groups are becoming much more brazen. We’re going to see much more of this, unfortunately,” Westin said.

CommonSpirit says an ongoing forensic investigation is looking into what personal information has been compromised.

Westin suspects they are still negotiating the ransom to avoid data being released or sold.

“There might be a concern too that if there is sort of a PII, or personally identifying information, that’s tied to that, they could be going after those consumers as well. That could be everything from phishing campaigns; if there is medical information, that information could be sold in underground markets. That’s a worst-case scenario,” Westin said.

Westin says patients need to pay attention to any letters that come from the hospital as well.

They may not send it out via email; it might also be a postal letter.

If you get an email, be cautious and verify it is from the hospital. Don’t click on any links or put in any information unless you know it is legit.