Canadian Underwriter
News

California hospital president and CEO admits to paying US$17,000 following ransomware attack


February 18, 2016   by Canadian Underwriter


Print this page

The president and CEO of a hospital in Los Angeles admitted in a statement on Wednesday that the hospital paid approximately US$17,000 to hackers following a ransomware attack.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” said Allen Stefanek, president and CEO of the Hollywood Presbyterian Medical Center

Allen Stefanek, president and CEO of the Hollywood Presbyterian Medical Center, said in the statement that the amount of ransom requested was 40 bitcoins, equivalent to approximately US$17,000.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”

Stefanek also dismissed reports of the hospital paying 9,000 bitcoins, or about US$3.4 million, as false.

Ransomware is a form of malware that locks systems by encrypting files and demanding ransom to obtain the decryption key. Stefanek said that staff noticed issues accessing the hospital’s enterprise-wide hospital information system on the evening Feb. 5. The hospital’s IT department began an immediate investigation and determined that the facility had been subject to a malware attack. Law enforcement was immediately notified and computer experts began bringing the system back online, the statement said.

The hospital said that it restored its electronic medical record system on Monday, Feb. 15, adding that all “clinical operations” utilize the system. “All systems currently in use were cleared of the malware and thoroughly tested,” Stefanek said.

“It is important to note that this incident did not affect the delivery and quality of the excellent patient care you expect and receive from Hollywood Presbyterian Medical Center,” the statement added. “Patient care has not been compromised in any way. Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”