110 U.S. Nursing Homes Affected by Ransomware Attack of Tech Service Provider
This latest Russian attack could put some nursing homes impacted by the ransomware out of business.
Virtual Care Provider Inc. (VCPI) has been hacked by Russian cybercriminals, who are holding their data hostage until they pay a $14 million ransom demand. The Milwaukee-based company says it can’t afford to pay the ransom.
VCPI delivers technology services to 110 U.S. nursing homes in 45 states, reports the Journal Sentinel. Because the company can’t pay the ransom, some of its nursing home clients can’t access patient records, use the Internet, pay employees or order medications. Some VCPI clients might go out of business if the company can’t recover from the attack, reports Krebsonsecurity.com.
When asked by the Associated Press if sensitive patient information had been compromised and how many patients were affected, VCPI said its “comprehensive forensic investigation into the potential scope of the incident remains ongoing.”
The company informed its clients of the attack on November 18, which was one day after it was discovered, reports CBS News. It said that about 20% of its services were impacted and that it needs to rebuild 100 of its servers.
VCPI told the AP it’s working to restore the systems as quickly as possible.
Cybersecurity experts say the ransomware strain called Ryuk is what has infected VCPI. It generally targets businesses that supply services to other companies, reports Krebs. It’s believed that the ransomware was delivered by malicious email attachments that were opened by unsuspecting employees, reports the Journal Sentinel. The malware has probably been on VCPI’s network for about 14 months.
VCPI and its nursing home customers are just the latest healthcare facilities to be hit by ransomware, and it’s not only the facilities’ bottom lines that are negatively affected. One study has found that U.S. hospitals that have experienced data breaches or ransomware attacks also saw an increase in the death rate of their heart attack patients for months and years after the incidents.
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Robin Hattersley, Editor-in-Chief
Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.
Related Content
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
[…] Care Providers Inc., which delivers technology services to 110 U.S. nursing homes in 45 states, reported it was hacked by Russian cybercriminals who are holding data hostage until it pays a $14 million ransom. It was also recently reported […]