Aberdeen, Wash.-based Grays Harbor County Hospital is offering to settle a class-action lawsuit related to a 2019 cyberattack that exposed patients' protected health information.
The lawsuit alleges Grays Harbor violated the Washington State Uniform Healthcare Information Act and the Washington State Consumer Protection Act, which led to the incident. The hospital has denied wrongdoing.
On June 15, 2019, the hospital and Harbor Medical Group identified a ransomware attack on its EHR. The organizations were able to recover much of the patient information through backup procedures, but some stayed encrypted within the EHR, according to KBKW, a local news source. The cyberattackers demanded $1 million ransom for the files.
More articles on cybersecurity:
How hackers negotiated with UCSF for $1M+ ransom: 5 things to know
UnityPoint Health to pay $2.8M+ settlement over phishing attacks: 6 details
10 health system malware, ransomware and phishing incidents this month