Cyber Incident Victim: Allscripts

On January 18, 2018, Allscripts experienced a ransomware attack that disrupted operations in its Raleigh and Charlotte, North Carolina data centers. The incident rendered several hosted applications unavailable, including Allscripts Professional EHR and its electronic prescribing of controlled substances system. An Allscripts user additionally reported outages affecting InfoButton, regulatory reporting, clinical decision support, direct messaging, and Payerpath functionalities, indicating broader service interruptions beyond the initially acknowledged systems. The company confirmed the ransomware incident was under investigation but did not immediately disclose the disruption through its official website or social media channels. Customers relying on the affected data centers experienced significant service interruptions, though Allscripts emphasized the incident impacted only a limited number of applications.

Allscripts responded by initiating restoration efforts using backups, expressing confidence in a swift recovery. The company’s investigation found no evidence that data had been exfiltrated from its systems during the attack. A statement issued via email to media contacts reiterated Allscripts’ focus on restoring services and protecting client data, while apologizing for the temporary outage. The absence of real-time public updates on the company’s primary communication platforms contrasted with user reports of prolonged downtime affecting multiple critical functions. No further details regarding the ransomware variant, attack vector, or exact restoration timeline were disclosed in the available information.