Hollywood hospital pays ransom to get their computers, files back

The Hollywood hospital whose systems have been infected with ransomware has paid $17,000 to get the decryption key from the criminals, and is operating normally once again.

Hollywood Presbyterian Medical Center

“On the evening of February 5th, our staff noticed issues accessing the hospital’s computer network. Our IT department began an immediate investigation and determined we had been subject to a malware attack. The malware locked access to certain computer systems and prevented us from sharing communications electronically,” Allen Stefanek, President and CEO of the Hollywood Presbyterian Medical Center, has announced on Wednesday.

“The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000,” he noted. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

The ransomware temporarily crippled the hospital’s information system, and they were forced to take down the hospital’s entire network. Patients’ information was inaccessible, and the staff had to communicate via fax.

Some of the medical center’s departments were prevented from normal functioning and were temporarily shut down, and emergency patients were sent to other hospitals.

Stefanek is eager to assure that the delivery and quality of care received by the patients was not compromised, and that patient or employee information hasn’t been accessed by the attackers.

“HPMC has restored its electronic medical record system (“EMR”) on Monday, February 15th. All clinical operations are utilizing the EMR system. All systems currently in use were cleared of the malware and thoroughly tested. We continue to work with our team of experts to understand more about this event,” he concluded.

No details about how the compromise started were shared.

Using crypto ransomware to extort money from businesses and organizations is a lucrative option for cyber crooks, and has become a regular practice.

Unfortunately, not all businesses regularly back up their files, and this leaves them at the mercy of the extortionists. They often pay the required ransom to get their files back, although not many admit that publicly.