Skip to content Skip to navigation

Kentucky-Based Methodist Hospital’s System Restored Following Ransomware Attack Last Week

March 21, 2016
by Heather Landi
| Reprints
Click To View Gallery

Officials at Methodist Hospital, based in Henderson, Kentucky, announced that their computer system is back “up and running” following a cyber attack last Friday, according to NBC 14 News.

Methodist Hospital had posted a message on its website on Friday stating that it is currently working in an internal state of emergency due to a computer virus that limited the use of its electronic web-based services.

“We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications,” the message stated.

In the NBC 14 News story published Monday afternoon, the news station quoted hospital officials stating that the hack was the result of ransomware that made it through the hospital’s email filter. “Methodist Hospital officials say they did not pay the ransom and they tell us no patient data or records have been compromised. The investigation is ongoing,” NBC 14 News reported.

In a story published Friday, NBC 14 News reported that the Federal Bureau of Investigation was investigating a cybersecurity breach at the hospital. “Officials at Methodist Hospital say this hack is ransomware in action. Hackers have locked patients’ files and they’re demanding money to regain access to them,” the news station reported.

And, the NBC 14 News article quoted Methodist Hospital Chief Operating Officer David Park as stating that the hackers have copied patients’ files, locked those copies and deleted the original files.

On Friday, the news station reported, “In a release, hospital officials say they want to reassure patients their information is secure. They say, they activated a back-up system while the main network was locked down. The hospital has been able to run smoothly without interrupting daily operations.”

Methodist Hospital officials also said on Friday that their information systems department responded quickly to prevent the virus from spreading.
 
The “internal state of emergency” message on the hospital’s website links to the healthcare organization’s digital disaster response system. That site stated, “This site if for web-enabled communications during emergency events. During an actual incident the disaster action plan or important directives will appear on this page. Though this site is for emergency responders, public information links are available on the left of this page.”

Topics

News

Consumers Increasingly Willing to Try Telehealth, New Survey Finds

About one in five consumers said they would switch their current primary care provider (PCP) if another PCP in their area offered telehealth visits, according to American Well’s latest survey.

New York Presbyterian Brooklyn Methodist Revalidated as EMRAM Stage 7

Due to its use of RFID technology to improve patient care and outcomes, New York Presbyterian Brooklyn Methodist Hospital (NYPBMH) has received acute care Stage 7 revalidation on the HIMSS Analytics Electronic Medical Record Adoption Model (EMRAM).

Dana Alexander Named 2016 HIMSS Nursing Informatics Leadership Award Winner

Dana Alexander, R.N., has been named the recipient of the 2016 HIMSS-ANI Nursing Informatics Leadership Award, a joint award sponsored by Alliance for Nursing Informatics (ANI) and HIMSS.

Agency Leadership Update: Collins Stays at NIH, Bindman Leaves AHRQ

As President-elect Donald Trump is sworn in as the United States’ 45th president at noon today, there has been an ongoing administration shuffle as agency leaders have stepped down as part of the presidential transition.

Reports: Indiana Cancer Services Agency Hacked, Won’t Pay Ransom

Earlier this month, Cancer Services of East Central Indiana- Little Red Door’s terminal server and backup drive were hacked by cybercriminal TheDarkOverlord, leading to a ransom demand that the cancer services facility will not pay, according to media reports.

Insurer to Pay $2.2M HIPAA Settlement for Disclosure of Unsecured ePHI

MAPFRE Life Insurance Company of Puerto Rico has agreed to settle potential noncompliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules by paying $2.2 million.