Vermont Hospital Cyberattack Cost Estimated at $1.5M a Day

A late October cyberattack on the computer systems of the University of Vermont Medical Center is costing the hospital about $1.5 million a day in lost revenue and recovery costs, its CEO said.

The Oct. 28 attack crippled the computer systems of the hospital system that serves much of Vermont and parts of upstate New York.

Hospital CEO Dr. Stephen Leffler estimated on a call with reporters on Tuesday that they are about 70% recovered from the attack.

Leffler says they’re still trying to pinpoint the exact root of the cyberattack, but they hope to provide more details about the investigation next week, including whether it was a ransomware attack similar to what other hospitals around the country experienced.

“It is fortunate that the cyberattack is mostly behind us and we can put more focus into dealing with COVID in Vermont and our patients,” Leffler said Tuesday. “And we’re ramping up to start vaccinating our staff, getting ready to have vaccines for our community.”

Leffler says the attack infected all 5,000 computers on the hospital’s network. He says that going forward they are planning to decouple parts of the network and they’re upgrading security measures.

Related: Ransomware Surge Imperils Hospitals as Pandemic Intensifies