Unknown attacks CommonSpirit

Incident Date: Oct 03, 2022

Attack Overview
VICTIM
CommonSpirit
INDUSTRY
Healthcare Services
LOCATION
USA
ATTACKER
Unknown
FIRST REPORTED
October 3, 2022

Ransomware Attack on CommonSpirit: A Detailed Overview

An unknown ransomware gang has attacked CommonSpirit. CommonSpirit is a Catholic health system that employs over 150,000 people and is headquartered in Chicago, Illinois, USA. The organization first identified the attack on October 3rd, 2022, and forced the hospital chain to take systems offline, including electronic health records. The resulting downtime delayed surgeries and even led to a toddler receiving a dose of painkillers five times what would normally be administered.

On October 31st, CommonSpirit published an update confirming that most hospital-based systems for its Central Iowa facilities were back online, as well as its payroll systems. MercyOne, a subsidiary of CommonSpirit, said in an update that "it will take some time before we can restore full functionality, and we continue to work to bring our systems up as quickly and safely as we can."

CommonSpirit later disclosed to the Department of Health and Human Services that the incident impacted 623,744 individuals. The organization claimed the incident cost approximately $150 million in a quarterly report.

Legal Repercussions

Two class action lawsuits against CommonSpirit were initiated due to the ransomware attack. The lawsuits were filed in the US District Court for the Northern District of Illinois and Washington state, accusing CommonSpirit of negligence and insufficient implementation of cyber security protocols. These allegations claim that the organization's failure to take appropriate measures resulted in the unauthorized disclosure of sensitive information.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.