Kansas Heart Hospital Hit With Ransomware; Hackers Do Not Unlock Files After Receiving Ransom Payment | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Kansas Heart Hospital Hit With Ransomware; Hackers Do Not Unlock Files After Receiving Ransom Payment

May 23, 2016
by Heather Landi
| Reprints

Wichita, Kan.-based Kansas Heart Hospital was hit with a ransomware attack last Wednesday, but after the hospital paid an undisclosed ransom, the hackers demanded more, according to local news reports.

Local television news station KWCH reported last Friday that Kansas Heart Hospital president Greg Duick, M.D., acknowledged that the hospital was the victim of a cyber attack.

The KWCH report states quotes Duick as stating, “Kansas Heart Hospital had a cyber attack occur late Wednesday evening. We suspect, as attacks other parts of the country, this was an offshore operation.”

According to the report, hackers got access to the system and locked up the files, refusing to give back access unless the hospital paid a ransom.

The news report, written by Deedee Sun, quotes Duick as stating, “I'm not at liberty because it's an ongoing investigation, to say the actual exact amount. A small amount was made.”

However, after the hospital paid a ransom, the hacker did not return full access to the files, according to the news report. Instead, they demanded another ransom. “The hospital says it will not pay again,” the article stated.

"The policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy," Duick stated, according to the article.

As previously reported in Healthcare Informatics, FBI has officially stated that it does not recommend paying a ransom in a ransomware attack.

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals,” FBI Cyber Division Assistant Director James Trainor stated in a FBI blog post.

The article further states that the hospital had a cybersecurity plan in place, which went into effect.

"That plan went into immediate action. I think it helped in minimizing the amount of damage the encrypted agent could do," Duick was quoted as saying. “

He also said that patient information was not jeopardized and the attack did not impact patient treatment.

The hospital is working with security experts and its IT team to restore the rest of the system.

Topics

News

An Estimated $262B in Medical Claims Initially Denied in 2016, Analysis Shows

A new analysis from Change Healthcare has revealed that out of an estimated $3 trillion in medical claims submitted by hospitals in the U.S. last year, an estimated 9 percent of charges—representing $262 billion—were initially denied.

Global Cybersecurity Workforce Shortage to Reach 1.8 Million by 2022

The cybersecurity workforce gap is on pace to hit 1.8 million by 2022, a 20 percent increase since 2015, according to the Global Information Security Workforce study.

Anthem Agrees to $115 Million Settlement in Data Breach Litigation

Indianapolis-based Anthem has agreed to pay $115 million in a proposed settlement to resolve the multidistrict class action litigation relating to the 2015 cyber attack that compromised the personal information of 78.8 million people.

Survey: Providers Struggling to Leverage Tech Power for RCM

Providers find themselves challenged to maximize the benefits of innovative technology to better manage uncompensated care and revenue integrity, according to a new survey from the Healthcare Financial Management Association (HFMA) and Navigant.

WellStar Health System Partners with PatientPing for Care Coordination Technology

Marietta, Ga.-based WellStar Health System, the largest health system in Georgia is partnering with PatientPing, a Boston-based health technology company, to use its care coordination technology across the health system.

Senators Introduce Bill to Expand Rural Telehealth Services

U.S. Senators Roger Wicker (R-Miss.) and Brian Schatz (D-Hawaii) have introduced bipartisan legislation to expand access to rural telehealth services. The bill would allow non-rural hospitals serving rural areas to qualify for support from the Federal Communications Commission (FCC) Healthcare Connect Fund (HCF).