PIH Health suffers a cyber attack


On December 1, 2024, PIH Health experienced a significant ransomware attack that compromised the networks of three major hospitals: PIH Health Downey Hospital, PIH Health Whittier Hospital, and PIH Health Good Samaritan Hospital in Los Angeles. This attack extended to urgent care centers, doctors’ offices, and a home health and hospice agency under PIH Health’s umbrella.

Immediate Impact on Operations

The ransomware attack had a profound impact on the operational capabilities of PIH Health:

  • System Downtime: The attack caused the computer systems and most phone systems at the affected locations to go offline, resulting in operational disruptions.
  • Medical Procedures: Due to ongoing technology issues, some medical procedures and surgeries had to be cancelled. This was a significant challenge, as healthcare providers had to adapt to manual processes and workarounds.
  • Increased Staffing: To cope with the high volume of calls and inquiries, PIH Health had to increase staffing. This helped manage the influx of patients and maintain some level of service continuity.

Data Compromised

The attackers claimed to have stolen a substantial amount of sensitive data:

  • Patient Records: Approximately 17 million patient records were compromised, containing personal and medical information.
  • Medical Episodes: Data for over 8.1 million medical episodes were stolen, including confidential diagnoses, test results, patient photos and scans, and treatment information.
  • Private Communications: Private emails between healthcare providers and patients discussing treatments were also exfiltrated.
  • Volume of Data: The hackers claimed to have stolen about 2 terabytes of files, documents, and reports.

Response and Investigation

In response to the attack, PIH Health undertook several measures:

  • Engagement with Specialists: Cyber forensic specialists were engaged to investigate the breach and assess the extent of data compromise.
  • Law Enforcement: The FBI was involved in the investigation to track down the attackers and understand the attack’s origins and mechanisms.
  • Local Notifications: Local police departments and fire departments were informed about the network disruptions to ensure coordinated efforts in handling emergencies.
  • Notification to Affected Individuals: PIH Health committed to notifying affected individuals if their protected health information (PHI) was found to be compromised.

Current Status and Recovery Efforts

As of now, PIH Health has made progress in recovering from the cyber attack:

  • Restoration of Phone Services: Phone services at the three hospitals have been restored, allowing for both incoming and outgoing calls. This was a critical step in resuming normal operations.
  • Ongoing Challenges: Despite the progress, some functionality issues persist, and the organization is actively working to resolve them. They continue to provide care using downtime procedures, although delays are still being experienced due to the increased workload.

Legal and Regulatory Implications

The cyber attack has significant legal and regulatory implications:

  • Potential Lawsuits: Several law firms have begun soliciting plaintiffs for potential class-action lawsuits against PIH Health, citing the breach of protected health information.
  • HIPAA Regulations: According to HIPAA regulations, covered entities must report breaches affecting PHI within 60 days of discovering the breach. PIH Health is expected to comply with these regulatory requirements.
