Recently Hollywood Presbyterian Medical Center paid hackers $17,000 (40 bitcoins which is a digital currency) while under a cyberattack. The attack was categorized as a ransomware attack – this is where systems are breached and data and records are “held hostage” until the ransom is paid. Once paid, access to systems are restored and in this case, it was done by using a decryption key that the hacker sent. In total, the hack caused ten days of disruption.
While under attack, the workers at the hospital had to rely on old fashioned written notes, written prescriptions and faxes and some patients had to go in and pick up test results to bring them to the referring physicians. The medical center was attacked on 2-5-16, and the attack left hospital employees without access to email and records for a week. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” CEO Allen Stefanek said in a statement.
The month previous, Mount Pleasant Texas-based Titus Regional Medical Center was attacked. It was never revealed if the malware was removed or if the hospital paid the hackers any sum of money to receive access to systems back.
From insurance company breaches such as Anthem and Premera to hospitals to smaller sources such as doctor offices and personal devices, health care information is at constant risk of being released, especially as hackers embrace increasingly sophisticated methods.