In 2019, CommonSpirit Health was the largest nonprofit Catholic health service in the United States. As of 2022, it was the second-largest nonprofit hospital chain in America.
The breach was an attack on CommonSpirit Health, a parent company for over 140 hospitals across 21 states. The hospitals seemingly hit the hardest are in southern Tennessee and northern Georgia, the CHI Memorial Hospitals. There are over 100 CHI locations throughout the U.S., with quite a few centered around the Chatanooga area.
The breach was a ransomware attack, sources say. Due to policy, the hospitals aren’t paying the ransom, leaving the personal data of millions of individuals in limbo—CommonSpirit services millions of people each year.
From what we can tell, the breach occurred on October 3rd, 2022.
The breach can impact anyone who has used a CommonSpirit subsidiary hospital. “Our facilities are following existing protocols for system outages and taking steps to minimize the disruption,” said Taylor Miller, a spokeswoman for the CommonSpirit Health company. “We take our responsibility to ensure the privacy of our patients and IT security very seriously.”
We aren’t entirely sure how many files were affected by the breach. As of 2019, CommonSpirit provided services for over 20 million patients, and the number is sure to have risen through the years, causing widespread fear for personal and familial safety.