A hospital suffers a ransomware infection

EDA2 Open-Source Ransomware Code Used in Real-Life Attacks

A mental health hospital for children and young people in Delaware, U.S., was infected with a ransomware variant at the end of last year. According to network security and ethical hacking specialists of the International Institute of Cyber Security, resulting from the attack access to the records of the hospital were blocked, so the organization had to pay a ransom to recover their access.

According to the hospital director, the records were encrypted last Christmas and no staff members were able to access them. The compromised records contained information such as:

  • Full names
  • Dates of birth
  • Addresses
  • Social Security numbers
  • Patient Medical Details

The institution confirmed that, for the most part, patients are children and adolescents from low-income families.

As network security experts report, hospital managers had to pay a ransom of thousands of dollars to get back access to the records.  “So far, we don’t have any evidence to show that more confidential information has been compromised,” said Jill Rogers, hospital director. Rogers added that the compromised information contained about ten years of organization Records.

Hospital officials did not specify what the ransom amount was, nor did they provide technical details about the attack. As to why they waited so far to reveal the incident, they mentioned that they decided to reveal the attack until they had the certainty of what exactly happened and what consequences were generated.

Delaware Law states that any organization that works with personal information from state residents must report an incident like this within the first 60 days after the attack was detected, according to network security specialists.

The hospital has offered a year of free financial monitoring services to users affected by the incident.  “We deeply regret what happened and reaffirm our commitment to protecting the privacy of your information”, mentions a statement from the organization.

Multiple cybersecurity firms agree that ransomware attacks continue to become more and more frequent. In most cases, an attack starts when an employee clicks on a malicious link and is redirected to a committed web site.

Recently, a county government in Georgia had to pay a ransom of $400k USD0 after its systems were infected with a variant of ransomware known as Ryuk, and this is only one of many known cases each week.