CommonSpirit Ransomware Breach Affects About 624,000 So Far

Leaked Data Includes Names, Addresses and Birthdates

The ransomware incident at CommonSpirit has affected the data of about 624,000 individuals so far, the hospital chain told federal regulators.

The second-largest nonprofit hospital chain in the United States has slowly dribbled out information about the ransomware attack it first detected in early October (see: Patients Affected by Cybersecurity Event at Hospital Chain).

A Monday update to the Department of Health and Human Services' HIPAA Breach Reporting Tool is the first data-driven indicator of the incident's scope. The hacking incident involving a network server affected 623,774 individuals, the hospital chain says.

Among the information compromised were names, addresses, phone numbers, birthdates, and a unique ID used only internally by the organization.

CommonSpirit says it is reviewing additional files potentially affected by the ransomware incident, meaning the total number of affected individuals could increase. So far, CommonSpirit has not issued breach notifications for any other entities affected by the ransomware incident.

Individuals known to be affected include patients who received services from any of seven hospitals in Washington state that are collectively part of Virginia Mason Franciscan Health, an affiliated entity of CommonSpirit, as well as those patients' family members or caregivers.

The affected Virginia Mason Franciscan Health entities include St. Michael Medical Center, St. Anne Hospital, St. Anthony Hospital, St. Clare Hospital, St. Elizabeth Hospital, St. Francis Hospital and St. Joseph Hospital (see: CommonSpirit: Patients' Data Breached in Ransomware Attack).

As of publication, there is no report posted on the HHS OCR data breach website regarding Des Moines, Iowa-based hospital MercyOne, which was also affected by the CommonSpirit ransomware incident. MercyOne was previously jointly owned by CommonSpirit and Michigan-based Trinity Health before being acquired by Trinity Health this year.

MercyOne still uses CommonSpirit's IT systems, and the Iowa-based entity's electronic health records access and other application functionality were affected for several weeks following the ransomware incident.

About the Author

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.
