Play Live Radio
Next Up:
Available On Air Stations
Watch Live


Scripps Health Remains Plagued By Weekend Cyberattack

Scripps Health Medical Center in Escondido is pictured in this undated photo.
Scripps Health
Scripps Health Medical Center in Escondido is pictured in this undated photo.
Saturday, computer access to patient records, scheduling and critical electronic systems such as vital sign monitoring have been unavailable. The software malfunction is believed to be part of a cyberattack affecting Scripps Health system in San Diego as well as the system’s backup servers in Arizona.

A weekend cyberattack that left Scripps Health's systems down continued to plague the San Diego-based health care system Monday, leaving many people with upcoming appointments uncertain and no concrete timeline for recovery.

According to a statement posted on its social media pages, Scripps technical teams were working to resolve the "information technology security incident" first detected late Saturday.

Details on the nature of the attack were not disclosed, though Scripps indicated it has notified law enforcement "and the appropriate governmental organizations."


Outpatient urgent care centers, Scripps HealthExpress locations and Emergency Departments remain open for patient care and "established back-up processes, including offline documentation methods" were being used with its online systems down, according to Scripps.

"We want to reassure our patients that our physicians and employees are well-trained and thoroughly prepared to respond to this sort of situation so that we can continue to care for the community's health care needs," according to the company.

Scripps said some Monday appointments were postponed as a result.

"We are working on how best to notify these patients about the need to reschedule," Scripps Health said in its statement.

VIDEO: Scripps Health Remains Plagued By Weekend Cyberattack

University of San Diego cybersecurity professor Mark Heckman said with the health care giant’s website down and Scripps officials suspending access to online applications this sounds like a malware attack — designed to disrupt and/or copy systems — where hackers could be asking for a ransom.


“If you want to get your data back, you have to pay the attacker to give you the secret key,” Heckman said, describing a ransomware attack.

We don't know if that’s the case, Scripps officials are being tight-lipped on details.

“There’s a certain amount of embarrassment and damage to the brand when you admit you’ve suffered from a cyberattack,” Heckman said, speaking generally about cyberattacks.

He said it could take weeks or months to investigate the hack.

“Organized crime in cybersecurity is very well organized and very lucrative,” he said. “There are people who make money by finding vulnerability in systems.”

There’s no telling how long a forensic investigation will take, or what the full impact is. Heckman said hospitals are becoming prime targets for attackers.

“The value of medical records is many, many, many times greater than a stolen credit card for example,” he said.

Those seeking information regarding their appointments can call 1-800-SCRIPPS. The health care system's website remained down as of Monday afternoon.

On the health care system's social media pages, many users left comments asking whether or not their appointments scheduled for this week would be postponed in the wake of the attack. A Scripps Health representative responding to the comments indicated users would be informed via private messages on how to proceed.

One user asked whether they should be concerned over their personal information being compromised due to the attack.

A Scripps representative responded, "We are still in the process of assessing the extent of this attack. If any of our patients' information was compromised, we will be reaching out to them."

Scripps Health Remains Plagued By Weekend Cyberattack
Listen to this story by Matt Hoffman.

KPBS has created a public safety coverage policy to guide decisions on what stories we prioritize, as well as whose narratives we need to include to tell complete stories that best serve our audiences. This policy was shaped through months of training with the Poynter Institute and feedback from the community. You can read the full policy here.