Ransomware

Scripps Health Ransomware Attack (Conti, 147K Patients, $113M Losses)

📅 2021-04-26 🦠 Conti ransomware
Primary Source ↗

Incident Details

On May 1, 2021, Scripps Health, San Diego's second-largest healthcare provider operating five hospitals and 19 outpatient facilities, suffered a Conti ransomware attack that took its systems offline for approximately four weeks. Attackers had first gained access on April 26, exfiltrating approximately 147,267 patients' data before deploying ransomware. The Epic electronic health record (EHR) system was not directly compromised. Exposed data included names, addresses, dates of birth, health insurance information, medical record numbers, patient account numbers, dates of service, and clinical information. Approximately 3,700 patients also had Social Security numbers or driver's license numbers exposed. Total financial impact was estimated at approximately $113 million, primarily from $91.6 million in lost revenue during the four-week operational outage. Scripps settled a class-action lawsuit for $3.5 million. In 2022, the U.S. Department of Justice indicted Russian national Maksim Galochkin (and others) for their roles in the TrickBot/Conti ransomware operation, specifically naming the Scripps Health attack among the victims. The attack was part of a broader Conti wave targeting U.S. healthcare during the COVID-19 pandemic.

Technical Details

Initial Attack Vector
Conti ransomware operators gained access to Scripps Health's network on April 26, 2021, and exfiltrated patient data before deploying ransomware on May 1, 2021, taking Scripps systems offline. A Russian national (Maksim Galochkin) was later federally indicted in connection with the attack as part of the Conti/TrickBot prosecution.
Malware Family
Conti ransomware

Timeline

  1. 2021-04-26 Breach occurred
  2. 2021-06-01 Publicly disclosed
  3. 2021-06-01 Customers notified