Some Patient Procedures Moved, Some Systems Taken Offline After CHI Memorial Parent Company Is Hacked

  • Monday, October 3, 2022

A hacking incident has hit the parent company of CHI Memorial and affecting the local hospital.

CHI officials said some patient procedures have had to be rescheduled and some systems taken offline.

A source said CHI Memorial employees on Monday morning were notified of the "internal disaster." The source said it is believed the hack may have come from China.

Hospital officials said, "CHI Memorial’s parent company, CommonSpirit Health, is managing an IT security incident which is impacting some of our facilities. As a precautionary step we have taken certain IT systems offline, which may include electronic health record (EHR) systems and other systems. Our facilities are following existing protocols for system outages and taking steps to minimize the disruption.

"We take our responsibility to ensure the privacy of our patients and IT security very seriously.  As a result of this incident, we have rescheduled some patient procedures. Patients will be contacted directly by their provider and/or care facility if their appointment is impacted."

John Anthony Smith, whose Chattanooga-based Conversant Group works to prevent such breaches, said, “I cannot speak to the specific situation at CHI Memorial and CommonSpirit Health; however, my heart is with the IT Professionals, staff members, and executive leadership that are maneuvering these horrific conditions.  Threat actors are vicious, and they do not care about the lives they destroy or injure.  We, Conversant Group & Fenix24, have faced threat actors in many breaches over our long history, and we understand the pain, damage, and destruction they are capable of.  Fenix24 focuses on companies in these situations, like CommonSpirit, to recover from breaches, locate/isolate/eradicate the threat actors, and rebuild/recover systems as needed.

"Unfortunately, most breaches have common causes, and they are largely simple and easily preventable…but, conversely, easily missed.  IT Professionals often spend most of their day-to-day “keeping the lights on,” and often do not have the time to make sure every window and door are closed.  A carefully orchestrated security management program that evaluates TRUE technical risk is critical.  Threat actors do NOT attack an organization’s policies: they attack technical controls and systems orchestration.


"My educated guess is that, like most breaches, this event occurred due to one or more of these common causes:


  1. Vulnerable / weak / untested recovery systems.
  2. Poor e-mail filtering defenses.
  3. Poor credential / identity management or lack of multifactor authentication.
  4. Limited or poor third party / supply chain management.
  5. Weak / inadequate endpoint controls.
  6. Limited or inadequate Security Operation Center services.
  7. Google Chrome use and/or browser password caching allowed.
  8. Limited or poor security awareness training.


"Again, my prayers are with those facing many long nights, weeks, and months in recovering from this breach; it isn’t fun.  We do this daily; we get in these ditches with our clients - it’s our Good Samaritan value.”

Breaking News
Police Blotter: Suspicious Woman Is Just Trying To Fill A Prescription; Woman Says Neighbors Are Always Causing Problems
  • 1/29/2023

Police were notified of a suspicious person behind the Walgreens at 2104 McCallie Ave. in a black Jeep. Police were told the vehicle had been sitting there for roughly an hour. Police approached ... more

Latest Hamilton County Arrest Report
  • 1/29/2023

Here is the latest Hamilton County arrest report: BROWN, SAMUEL JOSEPH 2512 FYFFE AVE RED BANK, 374156213 Age at Arrest: 46 years old Arresting Agency: Chattanooga PD THEFT OF PROPERTY ... more

Police Blotter: Man Finds Cigarette Butts On His Deck; State Farm Customer's Debit Card Used To Pay For GEICO Insurance
  • 1/28/2023

A man on Heritage Landing Drive told police the day before around 10 a.m. he discovered three cigarette butts on his outside deck. He is concerned someone may have been on his deck sometime the ... more

Placeholder New Ad Type will go here