The recent cyberattack on Schneider Regional Medical Center has brought local and federal law enforcement into the picture, according to the medical center’s chief executive officer. Some details about Sunday’s ransomware attack were shared with lawmakers during Wednesday’s hearing before the Senate Committee on Appropriations, Budget and Finance.
Schneider Regional CEO Tina Comissiong and Information Technology Officer Brandon Richardson told the committee that efforts to restore the system were still in the works, and perpetrators are demanding an undisclosed sum to remove impediments placed on the system. But both medical center officials say systems at the Roy L. Schneider Hospital are up and running, thanks to an emergency operations plan developed well in advance.
“The systems were shut down to allow the ITT team, the federal and mobile authorities to investigate the attack. We instituted a disaster recovery plan that we have in place, and we are currently on downtime procedures while the system is being investigated and brought back up in a safe way,” Comissiong said.
Committee Chairwoman Donna Frett-Gregory asked about the extent of the attack. “ … As far as you know, that’s both hospitals or just the hospital you’re managing?”
The medical center chief said she and her staff have been in touch with officials at the Gov. Juan Luis Hospital on St. Croix, “and they are not affected at this time. We’re the only hospital to our knowledge that’s affected,” Comissiong said.
Committee member and Senate President Novelle Francis said he understood the medical center team could not fully disclose the nature of their talks with investigators and that the probe into the ransomware attack was ongoing.
“Can you briefly discuss what’s happening with the cybersecurity issue?” Francis said.
“We did not get affected by CrowdStrike — that thing that happened to Delta (Airlines),” Comissiong said, referring to the global outage Friday that was tied to a software update for Windows hosts by the firm CrowdStrike, based in Austin, Texas, which provides cloud services for companies worldwide, including airlines.
“Relative to the situation at Schneider, as Miss Comissiong made reference to, we did enact our disaster recovery plan; we are currently still doing that. We are working with our local partners as well as our federal partners about the best course of actions. We’re looking pretty good but I don’t want to say anything more until we are fully back up, but right now it seems we’re in a good direction,” Richardson said.
Comissiong added that the day-to-day operation of providing patient care continues; surgeries are still taking place at the Roy L. Schneider Hospital and access to medicines and other items needed daily remains in place.
“We have downtime procedures where we are fully comfortable with paper charting — we’re still operating as normal in terms of surgeries and day-to-day patient care on the floor. Our emergency room is still open treating patients. We’re still able to access our medications and other things we need to do day-to-day patient care. So that continues, uninterrupted,” she said.
“And that’s why we prepare for these types of situations. It’s really unfortunate that we’ve had this kind of attack,” the medical center chief said.
