Virtual Care Provider Inc. (VCPI) has been hacked by Russian cybercriminals, who are holding their data hostage until they pay a $14 million ransom demand. The Milwaukee-based company says it can’t afford to pay the ransom.
VCPI delivers technology services to 110 U.S. nursing homes in 45 states, reports the Journal Sentinel. Because the company can’t pay the ransom, some of its nursing home clients can’t access patient records, use the Internet, pay employees or order medications. Some VCPI clients might go out of business if the company can’t recover from the attack, reports Krebsonsecurity.com.
When asked by the Associated Press if sensitive patient information had been compromised and how many patients were affected, VCPI said its “comprehensive forensic investigation into the potential scope of the incident remains ongoing.”
The company informed its clients of the attack on November 18, which was one day after it was discovered, reports CBS News. It said that about 20% of its services were impacted and that it needs to rebuild 100 of its servers.
VCPI told the AP it’s working to restore the systems as quickly as possible.
Cybersecurity experts say the ransomware strain called Ryuk is what has infected VCPI. It generally targets businesses that supply services to other companies, reports Krebs. It’s believed that the ransomware was delivered by malicious email attachments that were opened by unsuspecting employees, reports the Journal Sentinel. The malware has probably been on VCPI’s network for about 14 months.
VCPI and its nursing home customers are just the latest healthcare facilities to be hit by ransomware, and it’s not only the facilities’ bottom lines that are negatively affected. One study has found that U.S. hospitals that have experienced data breaches or ransomware attacks also saw an increase in the death rate of their heart attack patients for months and years after the incidents.