The hospital did publish information about the breach on its website, stating that on Jan. 31, Lurie Children’s “took certain electronic systems offline, including our email, phones, and electronic health record system (Epic), and its patient portal (MyChart). Lurie Children’s also activated our standard incident response procedures, including the Hospital Incident Command Structure (HICS).”
The statement also addresses the time it took to address the issue, stating that, “due to the complexity of the attack as well as our infrastructure, it has taken time to understand what happened and to identify the scope of impact to our systems and data.”
The lawsuit, brought about by multiple patients, states that they have suffered “irreparable” damages and lost much time trying to mitigate these issues on their own to date, and seeks compensation for such damages.
Becker’s reached out to the hospital for comment and received the following statement: “As is Lurie Children’s policy, we are unable to comment on pending litigation matters,” a hospital spokesperson said via email. “Our focus is on continuing to care for our patients as well as addressing the cybersecurity attack.”
