An Indiana hospital has reportedly paid hackers a hefty ransom to regain access to its IT systems.
In a statement to local media, Hancock Region Hospital in Greenfield said the cyberattack happened at around 9:30am on January 11. Employees noticed the hack immediately, Rob Matt, the hospital’s chief strategy officer, told the
IndyStar. However, the attack still managed to affect the hospital’s email system, electronic health records, and other internal operating systems.
It is believed that hackers used ransomware to encrypt the IT system’s data files. The victim then had to pay ransom to get a key or code that unlocks the files. In the case of the hospital, it paid about $55,000-worth of bitcoins to the criminals, according to the
Greenfield Daily Reporter.
CBS reported the transaction was made on January 12, and the hospital obtained the keys. Forensic analysis showed patient data was not transferred outside the hospital’s network.
“We were in a very precarious situation at the time of the attack,” said Hancock Health CEO Steve Long. “With the ice and snow storm at hand, coupled with the one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients.”
He added that the administration considered restoring files from backup, but they decided to pay the ransom so that normal operations could resume much sooner.
Related stories:
Marsh warns of Hurricane Katrina-scale losses from cloud breach
Lloyd's of London boss issues warning over crippling cyberattack