The company’s CEO said the cyberattackers — who used a ransomware variant called Erebus, which targets computers on Windows and Linux operating systems — demanded $4.4 million. However, the CEO attempted to negotiate the price to less than $500,000. The cyberattackers proceeded to decrease the amount to $1 million “at the last minute,” BCC reports.
Security experts, who often warn against complying with ransomware demands, have said this incident marks the largest known ransomware payment worldwide.
“This is a record ransom from what I know, although some will have paid and not gone public,” Angela Sasse, director of the Institute in the Science of Cyber-Security, told the BBC.
Nayana is in the process of recovering data, according to a company update posted June 17. In a separate statement, the company’s CEO said, “Now I am bankrupt. Everything I’ve been working on for 20 years is expected to disappear,” according to BBC.
More articles on health IT:
ONC, CMS execs participate in Provider Data Action Alliance
Former director of the National Cancer Institute nabs $14M in Series A funding
Girl Scouts add badges in cybersecurity
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
