The Hollywood Presbyterian Medical Center, an “acute-care facility” located in Los Angeles, has had its computer systems compromised by hackers. The attackers are asking for 9,000 Bitcoin (approximately $3.6 million) in exchange for giving the hospital access to the systems again.
The LA police, the FBI and a computer forensics firm have been called in to investigate and help.
Not many details about the compromise have been shared, but it seems more than likely that computers and data storage devices have been infected with crypto ransomware.
News of the attack started appearing late last week, but it apparently started some 10 days ago. The hospital’s website and social media accounts haven’t mentioned any problems, trying to keep the situation under wraps.
But the effect of the attack can definitely be felt. NBC Los Angeles reports that the hospital has taken down its entire network, and the staff and the departments are forced to communicate via fax.
Patients’ medical records are inaccessible, and according to US healthcare-related blog The Medical Quack, some of the hospital departments – namely Radiation and Oncology – have been temporarily shut down as they can’t use their computers.
Emergency patients are being sent to other hospitals. Patients who have been examined and had medical tests done are forced to come to the hospital in person to pick up the results, as they can’t be sent to them via email.
The only good news is that so far, there is no evidence that patients’ medical records have been exfiltrated or accessed by the attackers.
But if this incidents shows anything, it is how an organization’s operations can be heavily disrupted by a cyber attack. In the healthcare industry this could, in certain situations, also lead to loss of life.