;

Hancock Regional Pays Bitcoin Ransom After Computer System Hacked

The ransomware attack affected the Indiana hospital’s email system, electronic health records and internal operating systems.

Hancock Regional Pays Bitcoin Ransom After Computer System Hacked

Employees had to update patient medical records using pen and paper.

The computer system at an Indiana hospital was hacked and held for ransom on Thursday night, forcing the hospital to pay in order to regain control.

Rob Matt, the chief strategy officer at Hancock Regional Hospital, says the hackers requested four bitcoins, which roughly amounts to $55,000. The hack affected the hospital’s email system, electronic health records and internal operating systems.

“Hancock Regional Hospital has been the victim of a criminal act by an unknown party that attempted to shut down our operations via our information systems by locking our computer network and demanding payment for a digital key to unlock it,” read a statement from the hospital.

Attackers deployed the SamSam ransomware which infected more than 1,400 files before hospital security managed to contain it, according to RTV6. The ransomware encrypted the files and renamed them “I’m sorry”.

SamSam ransomware originally appeared two years ago and was used in targeted attacks. The hackers typically scan the internet for computers with open RDP connections.

Steve Long, Hancock Regional CEO, says the ransomware attack happened at around 10 p.m. on Thursday. Hospital employees immediately noticed and IT staff took down the entire network.

The hospital was lined with posters asking employees to shut down any computer until the incident was resolved, reports Bleeping Computer.

The hospital tried to bypass the hack but several factors interfered, forcing them to pay the ransom.

“With the ice and snow storm at hand, coupled with one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients,” said Long. “Restoring from backup was considered, though we made the deliberate decision to pay the ransom to expedite our return to full operations.”

Hospital management says restoring from backups would have taken days, maybe even weeks, to have all systems up and running.

The ransom was paid Friday night with help from the hospital’s attorneys and an Indiana-based security company. On Monday, access was restored and the hospital resumed full operation.

Matt says hospital staff had been adequately trained and were able to continue to provide patient care without electronic system access. Pen and paper were used to update medical records.

Hospital officials stress that no patient information was compromised.

About the Author

Contact:

Amy Rock is Campus Safety's senior editor. She graduated from UMass Amherst with a Bachelor’s Degree in Communications and a minor in Education.

She has worked in the publishing industry since 2011, in both events and digital marketing.

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!


Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ