Cyberattack on Lexington hospital’s parent company could be largest in US history

Cyberattack on Lexington hospital’s parent company could be largest in US history
Published: Nov. 1, 2022 at 5:55 PM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

LEXINGTON, Ky. (WKYT) - Cybercriminals are wreaking havoc on American infrastructure, including a recent attack on the fourth-largest healthcare provider in the country.

The day and age of digital data have made major businesses and companies more susceptible to an online hack of their private information. The American Association of Medical Colleges reports that there were 600 U.S. hospitals attacked in 2020 alone.

October’s ransomware attack on the parent company of Lexington’s CHI St. Joseph Hospital, CommonSpirit, could be the largest medical cyberattack in U.S. history.

According to data released from the treasury department, banks spent more than a billion dollars in ransomware-related payments last year. That’s more than double from 2020 and the highest ever reported.

“I don’t want somebody to have my social security number,” said PhishingBox Marketing and Communications leader Alex Risen. “I don’t want somebody to have access to how much I’ve been paying for something. My patient, in the healthcare sector, my patient records. Somebody to have access to that information would be pretty intimate and aware of what’s going on in my life.”

These trojan horses are getting tougher to spot and harder to prevent.

“Today’s phishing scams are more of social engineering spearfishing, they are really sophisticated, and more things are getting through our IT security firewalls because more people just aren’t doing things the same way they’re used to doing it,” Risen said.

Cyber experts say no sector is immune from these types of attacks, including city government, manufacturing, education or even healthcare systems. However, each consumer and employee can do their part to pause, question, verify and double-check before ever clicking a link or sharing access.

We have reached out again to CHI St. Joseph Hospital and its parent company, CommonSpirit, for an update on the attack, but have not yet heard back. The latest information provided was nearly two weeks ago, on October 19.