Some Patient Procedures Moved, Some Systems Taken Offline After CHI Memorial Parent Company Is Hacked

  • Monday, October 3, 2022

A hacking incident has hit the parent company of CHI Memorial and affecting the local hospital.

CHI officials said some patient procedures have had to be rescheduled and some systems taken offline.

A source said CHI Memorial employees on Monday morning were notified of the "internal disaster." The source said it is believed the hack may have come from China.

Hospital officials said, "CHI Memorial’s parent company, CommonSpirit Health, is managing an IT security incident which is impacting some of our facilities. As a precautionary step we have taken certain IT systems offline, which may include electronic health record (EHR) systems and other systems. Our facilities are following existing protocols for system outages and taking steps to minimize the disruption.

"We take our responsibility to ensure the privacy of our patients and IT security very seriously.  As a result of this incident, we have rescheduled some patient procedures. Patients will be contacted directly by their provider and/or care facility if their appointment is impacted."

John Anthony Smith, whose Chattanooga-based Conversant Group works to prevent such breaches, said, “I cannot speak to the specific situation at CHI Memorial and CommonSpirit Health; however, my heart is with the IT Professionals, staff members, and executive leadership that are maneuvering these horrific conditions.  Threat actors are vicious, and they do not care about the lives they destroy or injure.  We, Conversant Group & Fenix24, have faced threat actors in many breaches over our long history, and we understand the pain, damage, and destruction they are capable of.  Fenix24 focuses on companies in these situations, like CommonSpirit, to recover from breaches, locate/isolate/eradicate the threat actors, and rebuild/recover systems as needed.

"Unfortunately, most breaches have common causes, and they are largely simple and easily preventable…but, conversely, easily missed.  IT Professionals often spend most of their day-to-day “keeping the lights on,” and often do not have the time to make sure every window and door are closed.  A carefully orchestrated security management program that evaluates TRUE technical risk is critical.  Threat actors do NOT attack an organization’s policies: they attack technical controls and systems orchestration.


"My educated guess is that, like most breaches, this event occurred due to one or more of these common causes:


  1. Vulnerable / weak / untested recovery systems.
  2. Poor e-mail filtering defenses.
  3. Poor credential / identity management or lack of multifactor authentication.
  4. Limited or poor third party / supply chain management.
  5. Weak / inadequate endpoint controls.
  6. Limited or inadequate Security Operation Center services.
  7. Google Chrome use and/or browser password caching allowed.
  8. Limited or poor security awareness training.


"Again, my prayers are with those facing many long nights, weeks, and months in recovering from this breach; it isn’t fun.  We do this daily; we get in these ditches with our clients - it’s our Good Samaritan value.”

Breaking News
Police Blotter: Thief Takes $60 Cash, Leaves Marinara Sauce At Walmart; Man Departs After Roommate Argument
  • 12/3/2023

A man told police he left his marinara sauce and $60 in change at the self-checkout at Walmart at 8101 E. Brainerd Road. When he returned to the store about an hour later, customer service had ... more

Latest Hamilton County Arrest Report
  • 12/3/2023

Here is the latest Hamilton County arrest report: ADAMS, COURTNEY 1611 N ORCHARD KNOB AVE CHATTANOOGA, 374063048 Age at Arrest: 31 years old Arresting Agency: Chattanooga PD VIOLATION ... more

Homicide Suspect Arrested In Michigan For Stabbing Death In Chattanooga
  • 12/2/2023

Chattanooga Police Department's Homicide Unit secured warrants for the arrest of Edwin Aldo Mendez-Perez, 22, in relation to the homicide of Rosalio Gomez-Gutierrez, 28, that happened on Sunday. ... more