Kansas Heart Hospital was the victim of a ransomware attack recently, but the hacker didn’t honor his end of the deal after being paid.
The attack on the Wichita facility occurred May 18, although few details about the incident have been released.
“I’m not at liberty because it’s an ongoing investigation, to say the actual exact amount [paid],” Hospital President Dr. Greg Duick says. “A small amount was made.”
Networkworld.com reports that the hacker then failed to restore full access to the files and asked for a second ransom, which the hospital refused to pay.
Duick praises hospital officials for executing a preplanned response to the attack. “I think [the response] helped in minimizing the amount of damage the encrypted agent could do,” Duick says.
RELATED: A Ransomware Conversation with a Cybersecurity Expert
Duick also stresses that patient information was never jeopardized and routine operations were not affected.
Campus Safety has previously reported on a variety of ransomware attacks and the different ways institutions have responded to them, but we have not reported on a situation where the hacker didn’t restore access to files after a payment.
Multiple reports have predicted the rise of ransomware attacks and pointed to cybersecurity vulnerabilities in hospitals.