Follow-up Regarding May 2021 Cybersecurity Incident

As you may recall, Scripps Health experienced a cybersecurity incident in early May 2021. Immediately upon learning about the cyber incident, we quickly notified the appropriate authorities, including local and federal agencies. We immediately took steps to contain the situation and further enhance our information security systems. Scripps also initiated an investigation, and independent computer consulting and forensic firms were engaged to assist.


Since that time, Scripps Health has continued to conduct an extensive and time-intensive investigation, which has included a manual review of documents involved in the incident. The recently concluded review determined that additional patient information was contained in those documents, and we are mailing notification letters to those newly identified individuals so they can take steps to protect their information. At this point, we have no indication that any of this data has been used to commit fraud.


Maintaining the confidentiality and security of our patients’ information is something we take very seriously, and we sincerely regret any inconvenience or concern the incident may have caused. We have continued to implement enhancements to our information security, systems, and monitoring capabilities. We also are continuing to actively work with federal law enforcement to support their ongoing effort to investigate those responsible. 


A separate, dedicated call center is available to assist individuals who have questions about the incident. The dedicated call center number is 855-535-1822 and is available Monday through Friday 6 AM to 6 PM Pacific Time.