Michigan’s Brookside ENT and Hearing Center forced to close due to a Ransomware Attack

The system at Michigan's Brookside ENT and Hearing Center, which housed the patient records, payment information and appointment schedules, was encrypted by a ransomware attack making the data inaccessible.

The cyber attackers claimed that they can provide a key for unlocking the encryption, however in order to have the key for decrypting files, an amount of $6,500 was needed to be paid. The owners of this medical practice, John Bizon, MD, and William Scalf, MD, refused to pay the ransom demand as they think that no guarantee was there that a valid and correct key would be provided and, after paying, this cyber attackers can demand another payment.

Since the attackers received no payment, they deleted all the files of the system and ensured that none of the information can be recovered. So not having any billing and medical records, the doctors decided to close the medical practice on April 1, 2019, rather than rebuilding their medical practice again from scratch.

The FBI has been alerted about this security incident. No patient data seemed to have been accessed and/or viewed prior to the files being deleted, thus it is believed that there is no risk to the patients. But, the patients who don't obtained their medical records copies before the ransomware attack took place will lost all their records stored by this medical practice.

"We didn't even know who had an appointment in order to cancel them. So what I did was just sort of sat in the office and saw whoever showed up. For the next couple of weeks," Scalf said. The medical practice will close officially on Apr. 30, 2019, until then the patients can contact the staff of the medical practice to get referrals.

This incident highlights that it is important to ensure that backups of all the data are made. Moreover, all the backups must be regularly tested so as to ensure that they are not corrupted, and the file recovery has been possible. A good practice is to create at least three backup copies - two on different media types, and store the third copy securely off site - means that is neither networked nor accessible over internet.

» SPAMfighter News - 4/23/2019