Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyber Insurance

Hospitals Resume Accepting Patients After Malware Attack

An Alabama hospital chain that quit accepting new patients after a malware attack crippled computer systems said it has resumed normal operations after paying a ransom demand.

An Alabama hospital chain that quit accepting new patients after a malware attack crippled computer systems said it has resumed normal operations after paying a ransom demand.

The DCH Health System said its hospitals in the west Alabama cities of Tuscaloosa, Northport and Fayette resumed admitting patients Thursday, and its imaging and patient scheduling services were going back online Friday.

The system said key operations were back to normal 10 days after a ransomware attack encrypted information and prevented its computer systems from communicating with each other. The hospitals kept treating people, but new patients were sent to alternative locations in Birmingham or Mississippi.

The company hasn’t said how much ransom it paid to regain control of its systems, but an executive said insurance covered the cost.

“We had to gain access to our system quickly and gain the information it was blocking,” chief operating officer Paul Betz told a news conference. “As time goes by, and we determine the full impact of this, we will be very grateful we had cyber insurance in place.”

The hospitals said hackers used the ransomware variant Ryuk to lock its files, but the hack didn’t compromise the care of patients. Workers reverted to using paper files, and law enforcement is investigating the attack.

A statement from the system said workers were still restoring some nonessential systems including email and were trying to get programs operating at full speed.

The three hospitals admitted more than 32,000 patients last year.

RelatedMedical Practice Closing Permanently After Ransomware Attack

Written By

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.