Tri-City Medical Center in Oceanside, California, finds itself in the midst of a cybersecurity crisis, prompting the declaration of an "internal disaster" and the diversion of ambulance traffic to other healthcare facilities. 

The hospital is grappling with the aftermath of a cyber attack, forcing it to take urgent measures to contain the damage and safeguard patient records, according to a report by The San Diego Union-Tribune.

(Photo : Jan Hetfleisch/Getty Images)
INNSBRUCK, AUSTRIA - JANUARY 01: A nurse checks a patient's data on a computer in the ward at the main city hospital during the coronavirus pandemic on January 01, 2022 in Innsbruck, Austria.

"Cybersecurity Challenge"

Hospital management has officially acknowledged the situation, revealing that the emergency department is still ready to handle cases arriving in private vehicles. Tri-City collaborates with other health system partners to ensure the continuous delivery of healthcare services to the community. 

While the precise nature of the cyber attack remains unspecified, the medical center indicates that it is facing a "cybersecurity challenge" similar to incidents affecting healthcare providers across the nation.

Although ransomware, a form of malicious software that extorts payment while compromising an organization's digital infrastructure, is suspected by individuals familiar with the situation, Tri-City management has not confirmed this speculation. 

Aaron Byzak, the hospital's chief strategy officer and spokesperson, notes that a forensic analysis is underway, and additional information will be shared once available.

Tri-City Medical Center is an independent medical provider serving the Oceanside, Carlsbad, and Vista area since 1961. It is also undergoing this cyber attack during a critical period. 

The hospital is currently engaged in due diligence with UC San Diego Health, the selected entity to manage its operations under a joint powers agreement. 

Healthcare entities are increasingly falling prey to digital threats, as reported by the U.S. Office of Information Security, which notes a doubling of data breaches over the past three years. 

Of particular concern is the escalating danger of ransomware, evidenced by a 45% surge in the average ransom demand from 2020 to 2021, peaking at $247,000. 

Read Also: 'All of Sony Systems' Allegedly Hacked: Ransomed.vc Group Allegedly Deployed Ransomware to Entertainment Giant?

Ransomware Attacks on Healthcare Providers

A comprehensive study spanning the years 2016 to 2021 uncovered 374 ransomware attacks on healthcare delivery organizations, compromising the personal health information of more than 42 million Americans.

Brett Callow, a threat analyst at Emisoft, underscores a recurring scenario in hospital cyber attacks, emphasizing the theft of data before system lockdowns. The repercussions extend beyond the targeted hospital, impacting neighboring facilities forced to accommodate additional patients. 

This situation raises apprehensions about financial and operational ramifications and potential disruptions to patient care.

The healthcare providers in San Diego County have grappled with substantial cyber threats in recent times. In 2021, Scripps Health encountered a ransomware attack that disrupted access to electronic health records, resulting in a staggering $113 million lost revenue. 

Similarly, UC San Diego Health faced a data breach the same year, exposing protected information, albeit without affecting day-to-day operations. 

Related Article: White House Conducts First Cybersecurity Summit Addressing Ransomware Attacks on Schools