Scripps Health targeted by cyberattack

 Scripps Memorial Hospital La Jolla was affected by a May 1 cyberattack on Scripps Health's computer network.
Scripps Memorial Hospital La Jolla was affected by a May 1 cyberattack on Scripps Health’s computer network.

The hospital system, which includes La Jolla, was hit in an attack that forced it to block patient access to online portals and divert some critical-care patients.


A ransomware attack on Scripps Health’s computer network over the weekend significantly disrupted care, forcing the giant health care provider to stop patient access to its online portal, postpone appointments set for Monday, May 3, and divert some critical-care patients to other hospitals.

Though the provider, which sees more than 700,000 patients annually, initially downplayed the intrusion, an internal memo obtained by The San Diego Union-Tribune indicated that information systems at two of Scripps’ four main hospitals were infected, including backup servers in Arizona.

Electronic medical records were said to be down, forcing medical personnel to use paper records for the time being, and also affecting “telemetry at most sites.” Telemetry is the electronic monitoring of patients’ vital signs, a critical function that has long been automated at modern hospitals but can be performed manually if necessary.

A person familiar with the situation who requested anonymity confirmed many of the memo’s contents and said access to resources such as medical imaging also was affected. Scripps did not confirm the ransomware nature of the attack or other specific details May 2.

The incident was serious enough to put all Scripps hospitals — in La Jolla, Encinitas, Hillcrest and Chula Vista — on emergency bypass for stroke and heart attack patients, meaning patients with such life-threatening conditions would be diverted to other medical centers when possible.

All trauma patients also were diverted from Scripps Memorial Hospital La Jolla and Scripps Mercy Hospital San Diego in Hillcrest.

Neither Scripps nor county emergency medical system officials confirmed the diversions May 2. However, two independent sources in positions to know confirmed the situation, providing an email notice from county emergency services coordinator Jaime Pitner.

Ransomware attacks generally use malicious software to encrypt critical digital records, demanding a cash payment, usually in the cryptocurrency bitcoin, in order to unlock resources. Hospitals have become perennial targets of such high-tech heists, including six in the United States in a 24-hour period on Oct. 26, 2020.

A statement from Scripps did not specify the type of cyberattack or provide any details other than that it occurred May 1. A spokesman declined to provide more information beyond the statement, including whether any patient records had been compromised.

The hospital system suspended access to some of its system applications, including the patient portal MyScripps.

“Patient care continues to be delivered safely and effectively at our facilities, utilizing established backup processes, including offline documentation methods,” the statement said.

Some patients who had appointments scheduled for May 3 will have them postponed. The statement said hospital officials were working to notify the affected patients.

The hospital system’s outpatient urgent care centers, its Scripps HealthExpress locations and all its emergency departments are open and accepting patients.

The statement said the hospital system notified “law enforcement and appropriate government organizations” about the cyberattack. ◆