[TheRecord] Healthcare provider expected to lose $106.8 million following ransomware attack

Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021.

“Operating revenues and operating expenses for the quarter ended June 30, 2021 were significantly impacted by lost revenues and incremental expense incurred during the cyber security incident that occurred in May  2021,” the company said in its quarterly financial and operating filings last week.

The bulk of the losses, representing $91.6 million, came from lost revenues during the four weeks the organization needed to recover from the May ransomware attack.

Scripps also lost $21.1 million in costs associated with response and recovery. While the company said it recovered $5.9 million through its insurance policy, the healthcare provider said it expects to lose an estimated $106.8 million by the end of the year.

The losses stemming from the ransomware attack do not include potential losses due to litigation.

Following the attack, several patient groups also filed class-action lawsuits against the organization for failing to protect their data after the organization revealed that the hackers also stole data on roughly 150,000 patients before they encrypted the healthcare provider’s servers.

The attack, while it did not get the same national coverage in the US as the ones on Colonial Pipeline, JBS Foods, and Kaseya, was one of the most impactful of the year, with Scripps being unable to access its web portal, patient medical records, and provide some patient services for four weeks, during which time staff had to redirect patients to other hospitals, which eventually resulted in the $91.6 million in lost revenue.

While other companies most likely suffered bigger losses following a ransomware attack, Scripps is one of the few companies that chose to disclose such figures, making its ransomware attack one of the most costly known to date.

Besides Scripps Health, ransomware gangs also hit other major healthcare providers this year, such as Eskenazi HealthSanford Health, and Memorial Health System.

The post Healthcare provider expected to lose $106.8 million following ransomware attack appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access

All posts, ThreatPost

Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses. Source: Read More (Threatpost)

Read More

Daily NCSC-FI news followup 2021-07-09

Banking Trojans in a business wrapper www.kaspersky.com/blog/icedid-qbot-banking-trojans-in-spam/40552/ Spammers are using malicious macros to distribute IcedID and Qbot banking malware in seemingly important documents. For employees facing hundreds of e-mails, the temptation to speed-read and download attachments on autopilot can be great. Cybercriminals, of course, take advantage, sending out seemingly important documents that might contain just […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.