Breaking News: Hollywood Presbyterian Medical Center Hit with Ransomware, Hackers Demand $3.6M Ransom | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Breaking News: Hollywood Presbyterian Medical Center Hit with Ransomware, Hackers Demand $3.6M Ransom

February 16, 2016
by Heather Landi
| Reprints
Click To View Gallery

The computer system at Hollywood Presbyterian Medical Center, based in Los Angeles, Calif., has been down for more than a week following a ransomware attack and hackers are demanding $3.6 million to restore the system, according to local news sources.

According to a news report from a local NBC station (NBC4), Hollywood Presbyterian Medical Center president and CEO Allen Stefanek said hospital staff noticed “significant IT issues and declared an internal emergency” Feb. 5. He also said the attack was random, not malicious, and that the hospital’s emergency room has been sporadically impacted since the attack. The outage is due to ransomware that ended up on the hospital’s internal network.

"At this time, we have no evidence that any patient or employee information was the subject of unauthorized access or extraction by the attacker," Stefanek reported to NBC4.

The Los Angeles Police Department and the Federal Bureau of Investigation (FBI) have launched an investigation into the cyber attack.

“A doctor who did not want to be identified said the system was hacked and was being held for ransom. The unnamed doctor said that departments are communicating by jammed fax lines because they have no email and that medical office staff does not have access to email,” the NBC news report stated.

Hospital staff have reported that they cannot pull up electronic patient medical records and are registering patients on paper and they also stated that some patients have been diverted to other hospitals because of the outage, NBC4 reported.

CSO, a publication that covers security and risk management, has reported that hackers are demanding ransom of 9,000 Bitcoin, equivalent to about $3.6 million.

“Based on the information available, it seems like the hospital got hit with a ransomware type of malware, which typically encrypts the data on the computer, or multiple computers, and then requests some kind of payment in order to provide the decryption key so users can access that data,” says Tim Erlin, director of IT security and risk strategy at Tripwire, a software vendor that provides information technolgoy and network security solutions.

“In the IT security industry, we talk a lot about medical device security and it’s noteworthy that this attack that effectively crippled a hospital from delivering patient care effectively did not actually involve the security of medical devices, as far as we know,” he notes. “An attacker can significantly impact a hospital’s ability to deliver care without directly attacking medical devices themselves.”

Erlin advises that hospitals and health systems address these kinds of cyber attacks both from a prevention and a disaster response standpoint.

“Most of it comes down to basic security best practices. Malware may be very sophisticated, but the messages that attackers use to put that malware on a system are not sophisticated, as it usually involves a misconfigured system, a published vulnerability that has been attacked or a human being that has made some sort of mistake,” he says.

As with many other cyber attacks targeting the healthcare industry, there are lessons to be learned.

“Hospitals should take the time to review the configurations of their systems to make sure that they are secure and don’t contain misconfiguration, and they should scan their network for vulnerabilities and have a plan to patch those vulnerabilities. They also need train their staff in how to recognize phishing scams or malicious emails that might lead to an infection,” he says.

Erlin also says hospitals should include these kinds of cyber attacks in their disaster recovery plans. “Systems may be taken off line maliciously, or by other circumstances. It’s important to have procedures in place to protect patients in either case,” he says.

He continues, “The most significant lesson from this incident at this point is that hospitals rely on some of the basic IT systems for effective patient care. And while this malware may not have directly infected a medical device, a CT machine or a MRI, the inability for hospital staff to communicate effectively, to access patient records, does directly affect patient care. So in order to respond to these incidents a hospital needs to build a response plan and a disaster recovery plan to treat this loss of IT assets as a kind of disaster from which they need to recover, and during which time they need to be able to operate effectively. So they should have backup plans for how to communicate and how to access patient records when systems are unavailable.”

In the event that this type of cyber attack does occur, hospitals and health system can mitigate the situation by having a backup that is not connected to the internal network. “Another option is to have devices that can connect to patient records off site, at another hospital or in a centralized system. It depends on the architecture of the system, to a certain extent, but hospitals should consider this – if that computer that’s sitting at the front desk or at the nurses’ station is inaccessible for some reason, then there should be another way to access the information they need to deliver patient care,” Erlin notes.






Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Study: EHRs Tied with Lower Hospital Mortality, But Only After Systems Have Matured

Over the past decade, there has been significant national investment in electronic health record (EHR) systems at U.S. hospitals, which was expected to result in improved quality and efficiency of care. However, evidence linking EHR adoption to better care is mixed, according to medical researchers.

Nursing Notes Can Help Predict ICU Survival, Study Finds

Researchers at the University of Waterloo in Ontario have found that sentiments in healthcare providers’ nursing notes can be good indicators of whether intensive care unit (ICU) patients will survive.

Health Catalyst Completes Acquisition of HIE Technology Company Medicity

Salt Lake City-based Health Catalyst, a data analytics company, has completed its acquisition of Medicity, a developer of health information exchange (HIE) technology, and the deal adds data exchange capabilities to Health Catalyst’s data, analytics and decision support solutions.

Advocate Aurora Health, Foxconn Plan Employee Wellness, “Smart City,” and Precision Medicine Collaboration

Wisconsin-based Advocate Aurora Health is partnering with Foxconn Health Technology Business Group, a Taiwanese company, to develop new technology-driven healthcare services and tools.

Healthcare Data Breach Costs Remain Highest at $408 Per Record

The cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year, as the healthcare industry also continues to incur the highest cost for data breaches compared to any other industry, according to a new study from IBM Security and the Ponemon Institute.

Morris Leaves ONC to Lead VA Office of Electronic Health Record Modernization

Genevieve Morris, who has been detailed to the U.S. Department of Veterans Affairs (VA) from her position as the principal deputy national coordinator for the Department of Health and Human Services, will move over full time to lead the newly establishment VA Office of Electronic Health Record Modernization.