CommonSpirit Health identifies hospitals hit in ransomware attack

After a ransomware attack last fall, CommonSpirit Health has shed more details on the incident and identified some of the facilities that were affected.

CommonSpirit released a full list of more than 100 facilities that were affected and were patient information could have been exposed. CommonSpirit, based in Chicago, says there is no evidence that patient data has been misused.

Still, the attack did affect a number of its facilities and has required painstaking work to determine the extent of the breach and bolster security of the system’s networks.CommonSpirit is the parent organization of Catholic Health Initiatives and Dignity Health, and has also been associated with Centura Health and Mercy One in Iowa.

Scores of CHI hospitals and healthcare providers are among those that were affected. CHI Health said last fall that some appointments had to be rescheduled due to the incident.

• Read more: Here are the 10 biggest data breaches in the first quarter of 2023

CommonSpirit says it detected the ransomware attack on Oct. 2. After investigating, CommonSpirit says it determined that the attackers gained access to the system between Sept. 16 and Oct. 3.

The attackers did not gain access to the system’s electronic health records, but they did get access to files from two file share servers that contained some individuals’ information. CommonSpirit says it took until late February to get a clear understanding of which individuals may have been affected.

CommonSpirit says the information included names and addresses and dates of birth. The attackers also gained access to medical information, including diagnosis and treatment information, billing and claims information and health insurance information. The system says in a small number of cases, Social Security numbers were accessed.

CommonSpirit says it began sending notification to those affected via U.S. mail on April 6.

The organization also says it has bolstered security and monitoring tools in returning its computer systems online.

Nearly half (47%) of all healthcare IT professionals say their organization has been hit with a ransomware attack in the past two years, according to a survey by the Ponemon Institute. In that survey, 45% reported complications from medical procedures due to ransomware attacks.

A call center has been established for those with questions about the event. Those with questions can call 1-866-869-0312, Monday through Friday from 8:00 a.m. to 5:30 p.m.