NewsLocal News


Scripps Health CEO addresses cyberattack in an internal memo

Scripps Health
Posted at 6:06 PM, May 11, 2021
and last updated 2021-05-11 21:06:12-04

SAN DIEGO (KGTV) - Patients are still struggling to get information about when appointments will be back to normal within the Scripps Health system, 10 days after a cyberattack crippled the system's network and forced numerous cancellations of surgeries and appointments.

Greg Miner is an IT specialist for a local law firm. He and his family have been patients with Scripps for more than twenty years.

"As somebody involved in computer resilience and system resilience, my biggest concern is what's the plan?" said Miner.


Hundreds of patients are asking questions and getting some answers on the Scripps Facebook page, but the corporate leadership has been unusually quiet. Employees have also told ABC 10News that they're frustrated with the lack of information.

"It's not even so much that it's been down, which is highly irritating, but it's the failure to communicate with people in alternative fashions in any way, shape, or form," said Miner.

Scripps Health CEO and President Chris Van Gorder addressed the staff for the first time Monday with this internal memo:

"After more than a year caring for our patients, community, and each other during the worst pandemic in more than 100 years, I was looking forward to the numbers dropping with our new widespread vaccination program and getting back to our new normal – whatever that was going to look like going forward. I suspect that like all of you, I was hoping for a bit of a break – not that we ever get much downtime in health care. But unfortunately, we are facing another challenge on top of everything else we are doing.

As you know, on May 1st Scripps was hit with a cybersecurity incident with malware placed on our information system. Our team prepares for this type of situation and immediately took steps to contain the malware by taking a significant portion of our network offline. We – and you – implemented our downtime protocols and initiated our command centers once again. We also immediately engaged outside consultants and experts to assist us in our investigation and other experts to help us restore our systems and get back online as soon as possible. They are all working 24/7 as I write this note to you.

I want to thank you all for the manner in which you have taken on one more major challenge on top of everything else. I’ve been asked how much more you can all take on top of what you have already done over the past 15 months and more. My answer is Scripps will always do what is necessary to care for our patients first so that means we will do whatever it takes to do so – and you are. Using our manual systems for a couple of hours is one thing – it’s another altogether to do it for days – but you are. I’ve been sent wonderful photos and notes of teams using manual techniques to make sure the patients are getting the care and support they need.

I should point out that patient care decisions are being made locally between our physicians and clinical team – not at the corporate level. Centrally, we are working to get our systems back up as soon and safely as we can and supporting decisions being made at the patient care level. Thank you for the extraordinary way in which you are caring for our patients and helping me bring Scripps back to normal operations. I’m no longer surprised by your focus, dedication, support and innovation. You have proven yourselves over and over again.

I do want to speak briefly about communication and transparency. My philosophy and Scripps’ philosophy is to be as open and transparent as possible. I will continue to do that but I want you to know this is a different kind of situation which limits what and when I can say things. We need to let our investigation proceed and work with our consultants and outside governmental agencies, and when I can share, I will. I do want you to know that this malware attack targeted our information systems. At this time, we have no reason to believe individual data incidents affecting employees, physicians or patients are related to our current incident.

We plan for all emergencies – as we did for this type of situation – even though we had a number of safeguards in place to prevent this happening. As you know, there are many other hospitals, governmental organizations and businesses that have had to go through this type of situation - some are going through this at the same time across our country and around the world. We are committed to continuing to evolve and enhance our security measures, and look to our government to help private enterprises combat this significant threat to health care.

For our part we are in this battle, but our patients come first. Because of you, our patients are being cared for safely. If you ever have concerns about patient safety, please talk to your managers, physician leaders and location administration right away so we can address immediately.

To our physicians, nurses, clinical staff, support staff, information services and all of you who have shifted jobs to act as runners or support the front line – thank you. Once again, we will get through this together and become a resource for those organizations that will be impacted by situations like this in the future, because as we contain one virus in our country, it appears we have another to confront as a society."

Van Gorder did not refer to the attack as a case of ransomware, but as each day passes, patients like Miner are losing confidence.

"I want the resilience of being able to go into a doctor's office, critical care facility, or emergency room and not have a fear that they don't know who I am, what I am, what my conditions are, and the nuances of me as an individual," said Miner.

Patients with upcoming appointments are still advised to call 1-800-Scripps for information.