2 min read

CommonSpirit Hack Leads to Overdoses, Surgery Delays: Hospital Chain Likely Paid Ransom to Prevent Disaster, Reports Say

Filip TRUȚĂ

November 14, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
CommonSpirit Hack Leads to Overdoses, Surgery Delays: Hospital Chain Likely Paid Ransom to Prevent Disaster, Reports Say

The October hack of CommonSpirit Health reportedly led to medication errors, delayed life-saving cancer surgery, and diverted ambulances. The nonprofit is believed to have paid the attackers ransom to protect patients’ lives.

Last month, hackers breached the network of CommonSpirit Health, the second-largest nonprofit hospital chain in the US, with 140 hospitals and over 1,000 care sites.

In an exclusive report analyzing the incident, the Daily Mail reveals that the crippling ransomware attack led to the pain medication overdose of a 3-year-old boy in Iowa. The incident also delayed critical scans and surgery, with experts telling the news outlet that patients’ lives were put at risk.

And in Washington a man was denied a planned CT scan to monitor a life-threatening brain bleed. Another patient in Washington reportedly had the removal of a cancerous tumor on her tongue delayed.

Caregivers working in the dark to help patients

People who said they work at impacted hospitals across the US took to Reddit to vent, with some admitting that the situation led to “terrible and unsafe” care on their end.

As reported on this blog in October, in a desperate plea for help, a nurse at St. Michael Medical Center called 911 to ask for help, saying she and her fellow nurses were “drowning” in patients with too few hands on deck to assist everyone.

Also last month, a parent whose daughter claimed to be a nurse at a CommonSpirit hospital told The Register that the facility had patients on dialysis machines without current lab reports. The person also said IV medications from the pharmacy had hand-written labels “without correct order information.”

"Most of the nursing staff is unfamiliar with doing paper charting and handwritten information leads to errors," they added.

Daixin Team potentially responsible for the attack

In a recent update, CommonSpirit said the "majority" of providers operating under its umbrella have access to patient electronic health records.

As the hospitals slowly recover, concerns remain about the potential leak of sensitive medical records belonging to some 20 million Americans who are registered with CommonSpirit.

Shortly after the incident became public, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) released a joint advisory to say that the ‘Daixin Team,’ a cybercrime group actively targeting US entities, was eyeing mainly the healthcare and public health (HPH) sector with ransomware and data extortion operations.

According to the advisory, the Daixin Team deploys ransomware to encrypt servers responsible for healthcare services—including electronic health record services, diagnostics services, imaging services, and intranet services, and exfiltrate personally identifiable information (PII) and patient health information (PHI), all to threaten to release that data if a ransom is not paid.

CommonSpirit likely paid ransom to prevent disaster

Databreaches.net’s Dissent Doe, a healthcare professional who covers cyber-attacks on the health sector, told the Daily Mail that, “While Daixin Team wouldn’t directly confirm involvement in the CommonSpirit attack or receipt of any ransom, all signs point to ransom having been paid – not the least of which is that if CommonSpirit hadn't paid, some group would have publicly claimed responsibility and started leaking data to put pressure on them.”

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142 Authorities Dismantle iSpoof Criminal Phone Spoofing Operation, Arresting 142
Vlad CONSTANTINESCU

November 25, 2022

1 min read
975 Arrested by Interpol Over Phishing, Romance Scams, Sextortion and Investment Fraud 975 Arrested by Interpol Over Phishing, Romance Scams, Sextortion and Investment Fraud
Filip TRUȚĂ

November 25, 2022

2 min read
How SIM Swapping Attacks Work and How to Protect Yourself How SIM Swapping Attacks Work and How to Protect Yourself
Filip TRUȚĂ

November 25, 2022

3 min read