Data of Michigan Medical Facilities Corrupted by Ransomware Attack

According to WNEM.com the three medical facilities (Community Hospital, Medical Clinic and Quick Care), owned Caro Community Hospital were infected with ransomware on 07.05.2017.  The said ransomware attack is believed to have hit the Caro Community Hospital’s database and consequently lead to corruption of medical facility’s IT infrastructure (computers, servers and telephones).

In the statement to the press, the hospital’s CEO, Marc Augsburger, said the hospital IT personnel practices the disaster recovery drills for incidents such as this.  He believes his staff was able to make a fairly seamless transition to using paper based systems until the infections could be eradicated, asserting no patient care was compromised.

“As far as patient care, it didn’t affect them at all. We have a great staff that are very used to moving things over to paper for any kind of a disaster. There are times where we actually practiced that,” M. Augsburger said.

Even after two weeks of hard recovery work the IT systems of Caro medical facilities are not 100% functional yet.

The ransomware variant has not been identified, but it was reported as a “brand new strain” by IT departments and the FBI.  It still remains unclear whether the ransom in bitcoin (est. $120,000) was paid by the medical facility to unlock encrypted data and regain access to their systems.

The CEO said he was caught off-guard by the attack, despite being being aware of the omnipresent cyber threats, he never thought it would make its way to his town.

To date, no particular rogue actor(s) was officially identified to be responsible for the attack.

Lesson learned?

Keep your guard up, have solid business continuity plans in place and practice disaster drills, as no one is immune to  cyber attacks.