Home

Hackers hold medical records ransom

HCPRO Website, February 19, 2016

Hollywood Presbyterian Medical Center (HPMC) in Los Angeles was knocked offline by a cyberattack that targeted the hospital’s electronic medical records (EMR). Staff at HPMC reported problems accessing the hospital’s network on February 5, the hospital said in a statement. HPMC’s IT department discovered the network was infected with ransomware, a type of malware that locks access to files and systems until a ransom is paid. Staff were unable to access EMRs or use any affected device to communicate. The attack took down computer systems throughout the facility, including the emergency department, according to Wired.

The hackers demanded ransom paid in bitcoins, a type of electronic currency. Early reports from a local NBC affiliate, later reported in The Atlantic, put the ransom at 9,000 bitcoins, the equivalent of $3.4 million. However, HPMC disputes those reports and says the total ransom was 40 bitcoins, or $17,000. HPMC paid the ransom after determining that was the most efficient method of restoring normal operations.

Although HPMC says law enforcement was immediately contacted, the Los Angeles Times reports that HPMC paid the ransom before alerting law enforcement. HPMC contacted the Los Angeles Police Department the week following the attack. The FBI has since taken control of the investigation.
The attack forced HPMC to return to faxing and paper documentation for more than a week. Although some staff told The Guardian that they preferred writing notes and documentation by hand, some patients had to be directed to other hospitals for treatment, the NBC affiliate reported.

Normal operations and access to the EMR systems were restored February 15. All systems were tested and cleared of malware. HPMC did not say how many patients’ records or what types of information were affected, or if staff records and personal information were affected.

The investigation is still on-going. Patient care was not compromised by the incident and there is currently no evidence that patient or staff information was accessed inappropriately, HPMC said.