Columbia Surgical Specialists Pays Almost $15k Ransom Following Ransomware Attack
A ransomware attack on Spokane, Washington-based Columbia Surgical Specialists on Jan. 9 resulted in unauthorized access of medical records of almost 400,000 patients, the healthcare provider said in a press release. Although the FBI and security companies advise organizations not give in to hacker demands, the company paid almost $15,000 in ransom for a decryption key, arguing the health of their patients was more important, as surgeries were scheduled for that day.
“Yes, we paid $14,649.09. We received notice from the people that encrypted the files just a few hours before several patients were scheduled for surgeries, and they made it clear we would not have access to patient information until we paid a fee,” the firm said. “We quickly determined that the health and well-being of our patients was the number one concern, and when we made the payment they gave us the decryption key so we could immediately proceed unlocking the data. (Again, we believe the information was locked, but not obtained, by the perpetrators). The payment came from the doctors who own Columbia, and will not be passed on to our patients.”
Columbia Surgical Specialists said it only reported the data breach on March 7 because of an ongoing investigation into their networks to determine how the security incident happened. While the company claims no data was stolen was compromised, they thought best to warn clients that personal data such as name, drivers” license, Social Security number and other health information may have slipped out. There”s no evidence that data was misused by third-parties, it claims, and when the forensic investigation was finalized the number of patients who may have been affected dropped significantly.
The incident was reported to the US Department of Health and Human Service”s Office for Civil Rights, local news and the Washington State Office of the Attorney General, as per legal requirements.
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021
What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?
September 23, 2021
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021