Hollywood Presbyterian gives in to hackers, pays $17,000 ransom to regain control over systems

Ransomware attack had locked out administrators unless they agreed to the demand of 40 Bitcoins.
By Henry Powderly
09:33 PM
Share

Officials at Hollywood Presbyterian Medical Center on Wednesday night said they have paid hackers a $17,000 ransom to regain access and control over the hospital’s computer systems after a low-tech ransomware attack locked them out of their networks.

In a letter posted online by hospital CEO Allen Stefanek, the executive said the payment was the quickest way to restore their systems.

[Privacy, security hot topic at HIMSS16]

Earlier reports suggested hackers requested $3.4 million in Bitcoin as a ransom, but Stefanek claimed that figure was wrong. Instead, he said the attackers requested 40 Bitcoins, which are worth about $17,000.

"On the evening of February 5th, our staff noticed issues accessing the hospital’s computer network," wrote Stefanek. "Our IT department began an immediate investigation and determined we had been subject to a malware attack," which locked the system, demanding a access key that could only be obtained by paying the ransom.

[Also: Hollywood Presbyterian hack signals more ransomware attacks to come]

"The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key," he wrote. "In the best interest of restoring normal operations, we did this."

Stefanek said the hospital on Monday had regained control over its electronic health record systems.

The CEO said there is no evidence that any patient data was accessed by the hackers.

During the system blackout, caregivers had to rely on handwritten notes and faxes in lieu of electronic communications.

 

Twitter: @HenryPowderly