Hackers demanded $1 Million ransom payment from Washington-based Hospital

The ransomware attack that hit an Aberdeen, Washington-based hospital as well as the associated clinics two months back is still causing the problems. As per a report of the Daily World, the Grays Harbor Community Hospital (GHCH) as well as Harbor Medical Group (HMG) has been infected with ransomware by the hackers and they then demanded $1 million ransom payment for unlocking the patient files.

The GHCH has started experiencing IT-related problems on Jun. 15, 2019. On Jun. 17, 2019, it became clear that it was a ransomware attack and thus steps were taken in order to separate the infection as well as secure the network. But, the hackers already gained access to the servers along with the systems that were used by the clinics of Harbor Medical Group. The cyberattack began when an employee has responded by clicking a malicious link in one phishing email.

HMG operates 8 clinics in Hoquiam and Aberdeen region, and these 8 clinics were worst affected by this ransomware attack. The ransomware was more effective at the clinics as they use more recent software, thus allowing the hackers to infect larger number of systems. The GHCH used the older software, so this prevented ransomware from getting properly installed on the main computer system of the hospital.

The hospital still has the patient records, whereas the clinics have to operate on pen and paper as the systems were down in the clinics. The officials stressed that the patient care has not been impacted, with emergency care, routine appointments, and surgeries continued as scheduled. However, some of the appointments get delayed, and the patients were told to keep their prescriptions along with other medical histories at the time of care.

Backups were created by the hospital, but as the backups were also encrypted, so recovering the files from backups was not possible. As of Aug. 13, 2019, hospital still not has access to their files. This attack was reported to FBI (Federal Bureau of Investigation), and the hospital is helping with the investigation.

No proof of theft or data access was found, however the possibility couldn't be ruled out. The affected patients had following information exposed: name, phone number, address, date of birth, insurance information, Social Security number, diagnoses, as well as treatment information.

The hospital has begun notifying 85,000 patients who were affected by this breach, and each of the affected patients were offered free credit monitoring services.

» SPAMfighter News - 9/2/2019