About one week after Chicago-based CommonSpirit confirmed it was hit by a ransomware attack, Fitch Ratings said it finds the overall credit impact "minimal at this time," according to an Oct. 18 update.
The 140-hospital health system confirmed the ransomware attack Oct. 12 after more than a week of IT outages at numerous sites of care throughout the U.S., including shut down EHRs and canceled appointments and surgeries at hospitals from Washington to Texas to Tennessee.
Fitch noted in its non-rating action commentary that the ransomware attack on CommonSpirit "highlights increased risks to healthcare providers as such attacks become more common."
"While there will certainly be some lost revenues due to the cyberattack requiring some systems be taken off line, the depth and current breadth of the losses are expected to be di minimus compared to CommonSpirit's total operating base," the credit rating agency said. "In addition, CommonSpirit has cyber-security insurance, and Fitch believes that recovery of costs should be manageable."
Fitch upgraded CommonSpirit's long-term rating to "A-" on Sept. 21.