Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

steve2470

(37,481 posts)
31. Ars Technica article and comments: Hospital pays $17k for ransomware crypto key
Fri Feb 19, 2016, 04:50 PM
Feb 2016
http://arstechnica.com/security/2016/02/hospital-pays-17k-for-ransomware-crypto-key/

Hollywood Presbyterian Medical Center, the Los Angeles hospital held hostage by crypto-ransomware, has opted to pay a ransom of 40 bitcoins—the equivalent of $17,000—to the group that locked down access to the hospital's electronic medical records system and other computer systems. The decision came 10 days after the hospital lost access to patient records.

"HPMC has restored its EMR on Monday, February 15th," President and CEO of Hollywood Presbyterian Medical Center Allen Stefanek wrote in a statement published by the hospital late Wednesday. "All clinical operations are utilizing the EMR system. All systems currently in use were cleared of the malware and thoroughly tested. We continue to work with our team of experts to understand more about this event."

The first signs of trouble at HPMC came on February 5, when hospital employees reported being unable to get onto the hospital's network. "Our IT department began an immediate investigation and determined we had been subject to a malware attack," Stefanek wrote. "The malware locked access to certain computer systems and prevented us from sharing communications electronically."

"Law enforcement was immediately notified. Computer experts immediately began assisting us in determining the outside source of the issue and bringing our systems back online," the statement said.

more at link

NO ACCESS TO PATIENT RECORDS FOR TEN DAYS ???!!!! If this CEO and IT director keep their jobs, it will be a miracle.

Recommendations

0 members have recommended this reply (displayed in chronological order):

Still, 17k is a lot less than the original demands. Erich Bloodaxe BSN Feb 2016 #1
Remind me never to get sick... joeybee12 Feb 2016 #2
This is why the cloud is a good thing. Local backups are not good enough. Rex Feb 2016 #3
I am sure the hackers got in through a "BackDoor" awake Feb 2016 #4
All they do is create an email with a payload or link Sam_Fields Feb 2016 #6
What has been happening is a computer picks up a trojan (might I add usually an executive) or high LiberalArkie Feb 2016 #5
I don't think that is what happened here Egnever Feb 2016 #7
Well if you are a 24/365 business and your last good backup (before the trojan hit) is 1 week old, LiberalArkie Feb 2016 #10
Who are the dumbfucks running that hospital's IT department? backscatter712 Feb 2016 #8
It's real simple, hospitals want to maximize profits. dilby Feb 2016 #11
I dont think that is the case here Egnever Feb 2016 #12
Makes sense. Nt Logical Feb 2016 #14
Sounds like the director's desperately trying to cover his ass. backscatter712 Feb 2016 #15
Including all workstations that connect to it,? Egnever Feb 2016 #16
All the data should have been on the servers. backscatter712 Feb 2016 #17
At most of the companies I worked at, all did regular backups... JustABozoOnThisBus Feb 2016 #9
The HIPAA implications for this hospital are enormous. The fines could be colossal. WillowTree Feb 2016 #13
The fines should be colossal. There's no excuse for this. n/t backscatter712 Feb 2016 #18
Blame the victim much? NobodyHere Feb 2016 #19
Their IT department should have been prepared for this. backscatter712 Feb 2016 #21
Sounds like the prevention costs more than the cure in this case. NobodyHere Feb 2016 #22
This is vital data. Confidential patient data, and if it gets fucked up, people die. backscatter712 Feb 2016 #25
I blame the hospital for lousy computer security. hobbit709 Feb 2016 #23
How bout blaming the hackers? NobodyHere Feb 2016 #24
Hackers wouldn't have been able to get in if there was decent security. hobbit709 Feb 2016 #26
Someone on an earlier post said the backups were likely contaminated too if the RKP5637 Feb 2016 #27
It all depends... backscatter712 Feb 2016 #28
There's only so much you can do about the hackers. backscatter712 Feb 2016 #30
I thought it was PEBKAC backscatter712 Feb 2016 #29
Perhaps they never really tested what they bought. dembotoz Feb 2016 #20
Ars Technica article and comments: Hospital pays $17k for ransomware crypto key steve2470 Feb 2016 #31
Latest Discussions»General Discussion»This LA hospital’s comput...»Reply #31