Toronto,Ontario, Canada — It turns out one hacker gang has at least a little bit of a conscience. The LockBit ransomware-as-a-service group has apologized to the Hospital for Sick Children (SickKids) for targeting the facility with ransomware.
The ransomware attack on the teaching and research hospital happened on December 18, which affected SickKids’ internal and corporate systems, phone lines, and website, reports Bleeping Computer. SickKids said the attack also caused patients to wait longer for treatment and delayed clinicians from receiving lab and imaging results.
LockBit said the attack, which was carried out by one of its members, violated its rules, which don’t allow the group’s partners to encrypt medical institutions, although they are allowed to steal the institutions’ information. The gang released a free decryptor to the hospital. By January 1, SickKids had restored 60% of its priority systems.
However, Bleeping Computer reports that LockBit has attacked other hospitals in the past and not provided decryptors. That said, the gang did provide a free decryptor to Ireland’s national health service in 2021.
LockBit also appears to have attacked multiple U.S. healthcare providers recently, reports SCMagazine.com.
The SickKids ransomware ordeal is just the latest ransomware attack to affect healthcare. Emsisoft reported earlier this month that last year there were 25 incidents involving hospitals and multi-hospital health systems, potentially impacting patient care at up to 290 hospitals. The most significant ransomware incident was an attack on CommonSpirit Health, which operates nearly 150 hospitals in 21 states.
Cyberattacks have the potential to affect patient care. CentraState Medical Center in New Jersey was forced to divert patients in late December when it experienced “some technical problems related to an IT security issue,” reports SCMagazine.com.