Anne Ward Ernst reports:
Sonoma Valley Hospital reported on Thursday, Oct. 22 that a security incident on Oct. 11 knocked out its computer systems, and is not fully restored. The incident “triggered a significant downtime event,” an official said.
Read more on Sonoma News.
The hospital’s most recent update, posted on its site, reads:
On October 11, Sonoma Valley Hospital experienced a security incident that affected computer systems and triggered a significant downtime event.
Currently, the Hospital is maintaining operations while computer systems are being fully restored. We have maintained the ability to care for patients using our business continuity plan.
- Emergency Care remains available 24/7. Necessary surgeries and elective procedures have not been disrupted by the incident.
- The majority of diagnostics are being continued without interruption.
- The patient portal remains available but new results have not been posted to the portal since October 11.
The Hospital immediately initiated an investigation. We have partnered with outside experts to help us investigate and remedy this incident. We will provide updates as the investigation progresses.
If you have questions regarding your particular health needs, please contact your physician or provider.
(Updated: 11:25 am, October 22, 2020)
Notice that their statement does not mention whether there is any indication that any patient data has been accessed or exfiltrated. Nor does their statement mention “ransomware” or whether there have been any ransom demands, although from the description of the impact, it sounds like this was a ransomware incident.
So far, I have not seen this incident on any of the dozen or so dark web leak sites run by various ransomware groups, but a number of active groups do not maintain any such sites.