Ransomware attacks shut down practices

October 28, 2019 Laura Hale Brockway

Ransomware attacks have forced two medical practices — one in Michigan and one in California — to close their doors. The attacks encrypted the practices’ medical records, making them permanently inaccessible. 1 

In the first attack, ransomware encrypted the system at Brookside ENT and Hearing Center in Battle Creek, Michigan. The system housed patient records, appointment schedules, and payment information. The attack rendering the data inaccessible.

The attackers said they would provide a key to unlock the encryption in exchange for a payment of $6,500.

The two physician owners of the practice did not to pay the ransom, as there was no guarantee that a valid key would be supplied and, after paying, the attackers could simply demand another payment. (This is why the FBI recommends not making ransom payments.)

Since no payment was made, the attackers deleted all files on the system ensuring no information could be recovered. The partners decided to take early retirement rather than rebuild their practice from scratch. The practice officially closed on April 30, 2019. 2

The second attack occurred at Wood Ranch Medical in Simi Valley, California, which announced that the practice will close on December 17, 2019.

The attack occurred on August 10, 2019, and resulted in the practice’s servers being infected with ransomware. The attack caused widespread file encryption and medical records could not be accessed. Computer systems were permanently damaged making file recovery impossible. The practice had created backups of patient records, but those backups were also encrypted and could not be used to restore patient data. 1

These incidents highlight the catastrophic consequences of ransomware attacks. Not only have the practices closed, but patients have experienced the permanent loss of their medical records.

To help prevent this type of loss, the HIPAA Journal recommends a 3:2:1 approach to backups.

“Create three backup copies, on two different types of media, and store one copy securely off site on . . . [a device] that is not networked or accessible over the internet. In the event of a ransomware attack, systems may be taken out of action and computers may need to have software reinstalled, but at least no data will be lost.”

To learn more about protecting your practice from cyber threats, see our cyber security resources.

 

Sources
1. Wood Ranch Medical announces permanent closure due to ransomware attack. HIPAA Journal. September 20, 2019.
2. Michigan practice forced to close following ransomware attack. HIPAA Journal. April 2, 2019.

About the Author

Laura Hale Brockway is the Assistant Vice President of Marketing at TMLT. She has more than 20 years of marketing and management experience, and has worked for Seton Healthcare Family and the Texas Academy of Family Physicians. Laura holds an Editor in Life Science (ELS) certification from the Board of Editors in the Life Sciences.

Visit Website More Content by Laura Hale Brockway

No Previous Articles

Next Article
Study shows increased cyber security can affect patient outcomes
Study shows increased cyber security can affect patient outcomes

Corrective actions taken to enhance privacy and security may introduce usability issues.

Podcast: Tech, Telemedicine, Tomorrow

LISTEN
×

Subscribe to CYBER @TMLT for more resources and cyber news.

First Name
Last Name
Are you a physician?
Are you a TMLT policyholder?
Please list your specialty or occupation. - optional
Thank you for subscribing to CYBER @TMLT
Error - something went wrong!