Skip to main content
close search
site logo
Dive Brief

UPDATE: Los Angeles hospital pays hackers ransom for decryption key

Published Feb. 16, 2016
Naomi Eide's headshot
Managing Editor
Flickr User: Todd Jones Photography

UPDATE: Hollywood Presbyterian Medical Center paid hackers a 40 bitcoin ransom, equivalent to $17,000, to regain control of their systems, according to the hospital's CEO Allen Stefanek, the Los Angeles Times reported

At one time, a local consultant said hackers were asking for the bitcoin equivalent of $3.6 million. 

On Feb. 5, hackers used malware to encrypt files and lock the hospital out of its IT systems, forcing personnel to resort to pen, paper and fax machines to communicate and keep records while taking care of patients. Stefanek said, paying the ransom was the best way to return to normal operations, restoring both systems and administrative functions, the Times reported. 

The hospital paid the ransom before asking law enforcement for help, according to the Times. 

With the help of experts, the hospital restored computer systems on Monday. Stefanek said neither hospital records or patient care was compromised during the attack.

Dive Brief:

  • A Southern California hospital declared an "internal emergency" after a cyberattack locked it out of its IT system, with attackers holding access for a ransom.
  • Systems at Hollywood Presbyterian Medical Center have been down for about a week, with staff losing email and access to some patient data. Some patients were transferred to other hospitals for treatment, and the staff has had to rely on fax machines and telephones to get work done.
  • Both the Los Angeles police and the FBI are working to identify the hackers who used ransomware to attack the network. A local computer consultant said the demanded ransom was for about 9,000 bitcoins, or roughly $3.6 million, according to a CSO report.

Dive Insight:

The medical center has been forced to log patient registrations and medical records on paper as they were asked to keep their systems offline. The attack delayed everything from lab work to CT scans as the hospital cannot risk further harm from the breach.

Attacks like these are one of the reasons why President Barack Obama’s administration is looking to invest $19 billion in cybersecurity in the coming year. Though past breaches like the one at Office of Personnel Management last year, which exposed the records of 21.5 million people, cause harm, attacks on infrastructure can be immediately life threatening.  

One security expert said it is easy to compromise medical networks because of unprotected Wi-Fi and "universal poor security," according to ZDNet. The level of threat and potential harm from this attack is akin to last year’s attack on the Ukrainian utility grid, where hackers caused a blackout for a number of hours.

It is not yet known whether hackers took patient or employee data, so officials cannot confirm whether ransomware was the main reason for the attack, according to ZDNet. 

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell