Palomar Health Medical Group hit by potential cyberattack

Patients of Palomar Health Medical Group in North County have been experiencing delays since the medical provider detected suspicious activity on its computer network Sunday.

Palomar acknowledged the situation in a brief statement released Tuesday, stating that it has not affected operations at its two hospitals in Escondido and Poway. But the organization has provided scant details on how the incident has changed patient care.

The statement did state that the medical group's "phones, faxes and portal are non-functional at present," apologizing to patients who it says "may experience delays."

However, Palomar did not respond to requests for more information on how many patient appointments have been delayed or rescheduled as a result of the investigation.

It is standard practice for organizations to immediately lock down technology resources when suspicious activity is detected in order to prevent a potential malicious software attack from spreading, and that, according to the alert, is what happened at the medical group. Palomar says it has hired outside experts to get to the root cause of the suspicious activity.

Tri-City Medical Center in Oceanside is the most-recent local health care organization to take similar steps when malicious software appeared on its network in late November 2023. Cyber extortionists used a type of malicious program commonly called "Ransomware" to attempt to extort cash from the public district hospital, even posting stolen records on a murky corner of the Internet called the Dark Web.

Tri-City's operations were severely impacted for more than one week, which was significantly shorter than the month that Scripps Health found its operations tied in knots after a ransomware attack in 2021, causing an estimated $113 million in lost revenue.

For the meantime, the Palomar Health breach appears to be less severe, though operations do appear to have been affected.

An internal "emergency alert" notice obtained by The San Diego Union-Tribune that was reportedly sent to medical professionals after the attack indicates that Palomar directed workers to use smartphone-based software to communicate and to use those resources "with paper-based charts," as a workaround while "an outside investigator" runs "a forensic analysis on what systems have been impacted and to ensure their restoration."

Formed from the merger of Arch Health Partners Medical Group and Graybill Medical Group in 2019, Palomar Health Medical Group lists 10 different operating locations, mostly in Escondido with single locations in Poway, Fallbrook and Murrieta.

This story originally appeared in San Diego Union-Tribune .