Gritman Medical Center began reopening clinics in Moscow, Idaho, on Friday after a cybersecurity incident disrupted outpatient care beginning early Wednesday, though the hospital and emergency department remained open throughout.
Gritman first publicly disclosed the problem Thursday, saying several primary and specialty clinics were closed because of an electronic systems outage. In an update later that night, the health system said a number of clinics would remain closed Friday, including Downtown Clinic, Westside Clinic, general surgery and gastroenterology, orthopedic surgery, therapy, pain, sleep, urology and several family medicine locations.
By Friday, Gritman said electronic systems were coming back online following what it described as a cybersecurity incident. QuickCARE reopened Friday on its regular schedule, and the provider said it expected to resume normal clinic operations Monday, April 6.
KHQ reported the disruption had begun earlier, with clinics going offline early Wednesday. That suggests the operational impact began April 1, though April 2 is the first confirmed public notice issued by the provider.
Gritman said Friday that preliminary findings showed no successful access to its electronic systems and no compromise of patient or other secure data. Officials have not identified the nature of the incident or attributed it to any actor, and no public claim of responsibility or extortion demand has surfaced. DysruptionHub did not receive a response to an emailed request for comment.
The clearest impact was on outpatient care. Gritman said appointments were being rescheduled and that staff would remain available by phone to help patients reach their preferred locations. The hospital, including the emergency department, remained open during the outage, and the provider directed anyone with a medical emergency to call 911 or go to the emergency department.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
Gritman is a nonprofit critical access hospital based in Moscow that says it operates 16 regional clinics and employs more than 700 people across the Palouse. Moscow has also experienced other recent cyber-related disruption. In October 2025, Moscow School District 281 disclosed a separate cyber incident after shutting down its network while classes remained in session.
The outage fits a broader pattern in recent healthcare cyber incidents, in which outpatient and business operations are disrupted first while hospitals remain open under downtime procedures and the exact cause remains unclear for days. In February, University of Mississippi Medical Center said a cyberattack knocked multiple IT systems offline, including Epic, forcing statewide clinic closures and canceling outpatient visits, procedures and imaging. Livingston HealthCare in Montana also continued treating patients after a February cybersecurity incident, though phones and network services were disrupted and some systems remained limited during recovery. In October, Colorado’s Family Health West shut down electronic systems after detecting a cyberattack, continued care on manual workflows and initially said there was no evidence of data theft or encryption.
The investigation now turns on three questions: when Gritman first detected the incident, which systems were affected, and whether the provider’s early assurance that no patient data was compromised holds up under forensic review.
