Security News > 2022 > October > Hospital giant's IT still poorly a week after suspected ransomware infection

Computer systems are still down at CommonSpirit Health - America's second-largest nonprofit hospital network - more than a week after it was hit by a somewhat mystery cyberattack.

Last week, the notice said this included "Electronic health record and other systems," and blamed "An IT security issue." That detail is missing from the latest missive, linked from the CommonSpirit dot-org website.

A CommonSpirit spokesperson declined to answer The Register's questions about the situation, including those about its scope, remediation activities, and whether it was a ransomware attack, and instead directed us to the "IT issue" statement on the website.

A person who claimed to work for CommonSpirit posted over the weekend on a Reddit board for nurses complaining that IT systems including patient record software Epic, payroll tools, shift scheduling suite Kronos, and the company intranet were down.

A Register reader who said her daughter is a nurse at a CommonSpirit hospital, which we have chosen not to identify, said the facility has patients on dialysis machines without current lab reports, and IV medications coming from the pharmacy have hand-written labels "Without correct order information."

In April, the US Health and Human Services agency warned healthcare orgs about the Hive ransomware gang, which HHS described as an "Exceptionally aggressive" threat to the health sector.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/12/hospital_outages_ransomware/