It has been nearly a month since Scripps Healthcare systems was a victim of a ransomware attack. Although the health system was able to restore the Scripps.org website last week, its patient portal remains down as of this morning.
Scripps President and CEO Chris Van Gorder sent a letter to patients, employees and physicians apologizing for the frustration caused by the attack which initially was detected May 1. Van Gorder said the system anticipates electronic health records will be available for patients later this week.
“While this progress is meaningful, there is work left to be done,” he said in the letter. “We look forward to building on these efforts and restoring the remaining Scripps systems as soon as possible.”
Van Gorder acknowledged that the system has been providing few updates about the cyberattack as sharing more details “puts Scripps at an increased risk of coming under further attack.”
The U.S. Cybersecurity & Infrastructure Security Agency says that ransomware is a constantly evolving type of malware which “renders any files and the systems that rely on them unusable.” The attack was reported to federal law enforcement officials, Van Gorder said.
“This is not hypothetical,” he continues in the letter. “Other attackers are already using what is being reported in the media to send scam communications to our organization. I know that, for some of you, the reasons why we haven’t provided more frequent updates may not matter.
“We know that this incident has been a hardship for our patients, our employees, and our physicians, and we are truly sorry,” Van Gorder concluded.