…. but doesn’t say much else in the way of details. Here’s their full update of October 12:
Over the course of this past week, we have been managing a response to a cyberattack that has impacted some of our facilities. Patients continue to receive the highest quality of care, and we are providing relevant updates on the ongoing situation to our patients, employees, and caregivers. Patient care remains our utmost priority and we apologize for any inconvenience this matter has created.
As previously shared, upon discovering the ransomware attack, we took immediate steps to protect our systems, contain the incident, begin an investigation, and ensure continuity of care. Our facilities are following existing protocols for system outages, which includes taking certain systems offline, such as electronic health records. In addition, we are taking steps to mitigate the disruption and maintain continuity of care. To further assist and support our team in the investigation and response process, we engaged leading cybersecurity specialists and notified law enforcement.
We continue to conduct a thorough forensics investigation and review of our systems and will also seek to determine if there are any data impacts as part of that process.
Systems serving Dignity Health and Virginia Mason Medical Center have had minimal impacts on operations by this incident. For the other parts of our health system that have seen impacts on operations, we are working diligently every day to bring systems online and restore full functionality as quickly and safely as possible.
Central to our decision-making has been and will continue to be our ability to carry out our mission in a manner that is safe and effective to those we serve. At CommonSpirit Health, we are dedicated to meeting the needs of the communities we serve and are guided by our core set of values, which include integrity, excellence, and collaboration. We are grateful to our staff and physicians who are doing everything possible to mitigate the impact to our patients and ensure continuity of care.