Reports Of Ransom Demand After Massive Cyber Attack On San Diego's Scripps Health

May 3, 2021

San Diego-based Scripps Health was hacked over the weekend, greatly disrupting hospital technology and procedures. Reports are coming in that the responsible party is requesting a hefty ransom. 

Scripps Health officials have confirmed a ransomware attack initiated on Saturday, May 1 has downed their technology servers, as well as backup servers residing in Arizona, causing the healthcare company to modify operations to a paper chart system. Many critical care patients have since been diverted to other area hospitals and the online patient portal has been taken offline. Days after the attack was initiated, Scripps Health website remains unreachable. 

Scripps Health is a nonprofit healthcare company based in San Diego that includes five hospitals, 19 outpatient facilities, and treats an estimated half-million patients annually through more than 2,600 affiliated physicians. Reports say all four area hospitals - in Encinitas, La Jolla, San Diego, and Chula Vista - were placed on emergency care diversion for stroke and heart attack patients, who are being diverted to other medical centers whenever possible. All trauma patients were also being diverted.

While officials are being hush-hush about the extent of what has been affected by the hack, we have received word from Scripps Health employees who report that when the attack occurred on Saturday evening, a vast amount of hospital technology and services were affected, from a complete lack of access to patient charts, to employee cell phones going down, to computers failing, to monitors shutting off, even the cafeteria at a hospital went dark and employees could not clock out of work. Some employees are stating they were instructed not to communicate with any Scripps Health contacts via their email addresses, and all remote workers had to re-authenticate their log-ins. We have also received reports that scheduled surgeries and procedures are being abruptly cancelled.

We have also received reports that the hackers have requested a massive ransom to remove the malicious code downing Scripps Health's online systems. Reports of the ransom request range in the amount stated, ranging from $1.5 million to $50 million in Bitcoin to $500 million in cash and cryptocurrency. 

It is believed the FBI is now involved in resolving the paralyzing hack but there is currently no time table for when Scripps Health will be back to full operation. We reached out to a spokesperson from Scripps Health but did not receive a response by the time of publishing. 

On Monday afternoon, a Scripps Health representative released the following statement from what appeared to be a personal Gmail account:

"As Scripps Health continues to address the cyberattack from this past weekend, our facilities remain open for patient care, including our hospitals, emergency departments, urgent care centers, Scripps HealthExpress locations and other outpatient facilities. Our technical teams and vendor partners are working tirelessly to resolve issues related to the cyberattack as quickly as possible."

This is a developing story. We will update this post as we learn more.