An “IT security incident” reported last week by CommonSpirit Health, one of the US’s largest health systems, is likely a cyberattack, security experts said. CommonSpirit had announced that an unspecified security incident was affecting multiple regions and interrupting access to electronic health records. As a precautionary step, some systems were taken offline as a result of the incident, the system said.
Some of CommonSpirit’s facilities in Chattanooga, Tennessee, moved certain systems offline including electronic health records, according to a statement from CHI Memorial, which operates two hospitals in the Chattanooga area. Some patient procedures were rescheduled due to the incident, CHI Memorial said in the statement.
While few details have left some to speculate on the nature of the security incident at Chicago-based CommonSpirit Health, moving systems offline and interrupting access to electronic health records is viewed as a defensive move, security experts told Healthcare Dive.
It’s possible that an attacker has access or is trying to get access to their system and they want to do whatever they can to prevent that. So what’s the easiest way to do that? Unplug everything,” said Allie Mellen, senior analyst of security and risk at Forrester, a research and advisory firm for various industries.
Hospitals operated by CommonSpirit in Iowa, Washington, Texas and Nebraska also have been affected by the security issue after problems were first reported in Chattanooga.
Some hospitals were forced to revert to using paper charts and others diverted ambulances for a short period.
In Iowa, the Des Moines Register reported ambulances were diverted for a short period of time from MercyOne Des Moines Medical Center, a CommonSpirit facility, to other emergency rooms. In Washington, the Kitsap Sun reported the inability to access electronic health records has forced providers to revert to using paper charts.
