New Jersey Spine Center pays ransom to cyberattackers after 'seeing no other option'

New Jersey Spine Center in Chatham has reported it paid a ransom to cyberattacks who infected its EMR with ransomware.

The center was attacked with the CryptoWall ransomware July 27. According to letter sent to patients, the system's virus protection software detected the malware, but not until after it accessed and encrypted patient medical records, making them inaccessible to providers.

The medical records contained patients' clinical information, including procedures, office notes and reports, as well as demographic information, including birth dates, addresses, some Social Security numbers, credit card information and account information.

What's more, the ransomware encrypted New Jersey Spine Center's system backup and disabled the phone system. "Seeing no other option, we elected to pay the ransom to gain access to the records," according to the letter.

The center has notified the FBI and local authorities.

"While we cannot guarantee that patient personal demographics were not the target for the intrusion, we have no information that would suggest the attack was an effort to steal patient information," according to the letter. "Further, we have no information to suggest that any of your medical or financial information was used or acquired by the hackers for any improper purpose."

Center officials believe the virus used a list of stolen passwords and ran an automated program that kept trying to access the records until a correct match was made.

According to the HHS Office for Civil Rights breach notification portal, the security incident affected 28,000 individuals.

More articles on ransomware:

16 latest healthcare data breaches, security incidents
Healthcare is not most-targeted sector for ransomware
FBI urges ransomware victims to report attacks to federal law enforcement 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars