Wyoming health system COO shares story of ransomware attack

After experiencing a ransomware attack in September 2019, Campbell County Health COO Colleen Heeter stresses the importance of backups, according to the Laramie Boomerang.

At the Campbell County (Wyo.) Chamber of Commerce monthly luncheon on Feb. 11, Ms. Heeter detailed the ransomware attack on the Gillette, Wyo.-based health system, which affected more than 1,500 servers and computers. She said hospital leaders and staff worked around the clock for weeks to ensure patients were taken care of.

On the day of the attack, Campbell County Health CEO Andy Fitzgerald was not in the office when an IT employee approached Ms. Heeter, who was overseeing operations at the time, stressing that something was "deeply wrong." Within a few minutes, the employee determined that the hospital was under a ransomware attack and told Ms. Heeter that they needed to shut down computer systems.

The first call Ms. Heeter made was to Campbell County Health's cyber insurance company. Campbell County Health then contacted Gov. Mark Gordon and other state agencies.

Although clinicians were able to treat patients and take X-rays, they couldn't pull images or medical records. Instead, Campbell County Health reached out to nearby hospitals to see if they could take in critical patients, said Ms. Heeter.

Clinicians were able to treat patients who had scheduled appointments. Ms. Heeter also confirmed that there is no evidence that patients' health information was compromised. It's unclear how much the attackers demanded in the ransomware attack.

When looking back on the incident, Ms. Heeter reminds executives to be vigilant of phishing emails and to always have backups.

"You should always have backup," she said, according to the Laramie Boomerang. "Even if you have backup, you have to check and see [that] they didn't attack the backup."

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Content

Featured Webinars

Featured Whitepapers