Methodist Hospital ransomware attack ends without payment

After five days, Methodist Hospital in Henderson, Ky., has emerged from an internal state of emergency after undergoing a targeted ransomware attack.

Methodist Hospital discovered the ransomware March 16, and the hospital posted a notification on its website saying employees had limited access to web-based services and electronic communications. In initial reports, Methodist Hospital COO David Park said the hospital would consider looking into paying any ransom demanded based on the number of locked records.

Methodist Hospital has reportedly regained control of its computer systems, reports Healthcare IT News.

According to a hospital statement, the system has been running since March 21. The hospital did not pay the ransom, which was demanded in bitcoins.

The hospital reports the virus was sent in a malicious email that passed through a spam filter, and the email recipient opened the email.

Methodist Hospital activated a back-up system while the main system was down, which allowed the hospital to continue functioning without interruption.

"Methodist Hospital has taken a proactive approach and is in the process of restructuring its network," according to the hospital statement. "The restructuring will minimize the potential area of infection should a similar incident occur in the future."

The hospital says patient information is safe and was not compromised in any way. The FBI is investigating.

Editor's note: This article was updated March 23, 2016 at approximately 3:50 pm CST to include a statement from Methodist Hospital.

More articles on ransomware:

8 latest ransomware attacks
NYT, BBC among websites hit with ransomware in advertisements
Ransomware attack shuts down 4 Ottawa hospital computers

© Copyright ASC COMMUNICATIONS 2017. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months