Sunday, February 5, 2023
Feb. 5, 2023

Linkedin Pinterest

As hospital network outage hits Day 4, concerns of ransomware attack on health giant grow


TACOMA — Concerns are growing over the source and possible ripple effect of a cyber event that’s hobbled one of the Puget Sound area’s main health systems and kept its online network down for four days straight.

Computer systems with Virginia Mason Franciscan Health sites in the area remained down Thursday, the fourth day in a row following an “IT security incident” reported Monday involving its parent company CommonSpirit Health.

The network’s MyChart patient portal also remained inaccessible.

The outage, affecting CommonSpirit sites in multiple states, has resulted in missed medical appointments, rescheduled surgeries, and kept patients and staff from accessing medical records, among other issues.

Employees and patients have told The News Tribune this week that staff have turned to paper charting and hand-written prescriptions in some cases. Other patients have reported inability to get prescriptions refilled or get appointments rescheduled.

While speculation has grown among outside observers that the health system was hit with a ransomware attack, no real details about the incident itself were forthcoming from either VMFH or CommonSpirit Health.

On Wednesday, CommonSpirit Health updated its website with the following statement: “CommonSpirit Health has identified an IT security issue that is impacting some of our facilities. We have taken certain systems offline. We are continuing to investigate this issue and follow existing protocols for system outages.”

On Thursday, VMFH issued its first social media post about the events since the outage’s start, saying, “VMFHealth’s parent company CommonSpirit Health is managing an IT issue impacting some of its facilities. While parts of VMFHealth are impacted, Virginia Mason Medical Center is not. We take our responsibility to our patients very seriously and apologize for any inconvenience.”

The chief information officer of another local health system told The News Tribune on Thursday he’d been in touch with a VMFH cybersecurity official and did not learn any specifics of what they are facing.

“They were not forthright in telling us what exactly is going on,” said Keith Stauffer, CIO with Peninsula Community Health Services.

Stauffer’s own network briefly went down Thursday, but he said that was part of a planned reboot.

As for VMFH outage, “I know that they’re addressing the issue. We just wanted to make sure that there was nothing that from our side we needed to be apprised of,” he said, “or if there was anything that we needed to take precautionary measures for, because we do access their system from our system.”

Cyber security analyst Robert Siciliano is CEO of He told The News Tribune via email Thursday morning that the VMFH/CommonSpirit Health outage was “likely a ransomware attack.”

Worries of a possible cyberattack spreading, Stauffer said, is top of mind for medical partners with VMFH.

Stauffer said as of Thursday, “Everything is OK on our side. We’re just keeping a close eye on (VMFH outage) as well.”

Brett Callow, a cyber threat analyst at the cybersecurity company Emsisoft, told The Washington Post on Thursday, “The scope is perhaps unprecedented in terms of the health-care sector.”

CommonSpirit, he added, is “absolutely massive.”

CommonSpirit Health has become one of the largest nonprofit health systems in the United States, with more than 1,000 care sites in 21 states, serving 20 million patients, according to its website.

VMFH hospitals in the Puget Sound area include St. Clare in Lakewood; St. Joseph and CHI Franciscan Rehabilitation Hospital, both in Tacoma; St. Elizabeth in Enumclaw; St. Anthony in Gig Harbor; St. Michael in Silverdale; Virginia Mason Hospital and Seattle Medical Center in Seattle; St. Anne in Burien; and St. Francis in Federal Way.