LA hospital pays £12,000 Bitcoin ransomware demand

Hackers 'did not' access patient or employment data in attack locking staff out of computers

A Los Angeles hospital has paid cybercriminals a Bitcoin ransom demand of 12,000 to restore access to its medical database.

The Hollywood Presbyterian Medical Center shut down its computer network on 5 February, following a ransonware cyber attack that has lasted more than a week.

Ransomware commonly refers to malware attacks that encrypt data and demand payment before the user can obtain the decryption key.

Advertisement - Article continues below

Hospital staff were locked out of online patient records and test results, forcing them to resort to pens, pads, phones and fax machines for many tasks usually handled on computers.

As soon as the hospital identified the attack, it called in investigators from the Los Angeles police department, FBI and a private cyber forensics firm.

After more than a week of working with the experts however, managers decided to pay the ransom.

"The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom," said hospital president and CEO Allen Stefanek in a statement. "In the best interest of restoring normal operations, we did this."

Early reports initially claimed the criminals had demanded 9,000 bitcoins (2.6 million), but the hackers only received 40 bitcoins.

Stefanek added that there was no evidence at this time that hackers accessed any patient or employee information.

Advertisement - Article continues below

The identity of the ransomware attackers is still unknown, but some reports have suggested that the attack was random rather than specifically targeted at the hospital.

Advertisement - Article continues below

Cyber attacks such as ransomware are becoming an increasing threat to businesses and public organisations.

The malware attack against the hospital follows Kaspersky Lab's own investigations into hospitals' vulnerabilities, saying it was "scary" how easy it is to hack hospitals.

Lincolnshire County Council was also the victim of a similar malware attack last month, but the council refused to pay the demand.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now



How can you protect your business from crypto-ransomware?

4 Nov 2019

INKY announces $20M Series B funding round

4 Jun 2020

Microsoft issues warning about new PonyFinal ransomware attacks

3 Jun 2020
data breaches

Amtrak Guest Reward suffers a data breach

3 Jun 2020

Most Popular


Apple confirms serious bugs in iOS 13.5

4 Jun 2020

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020

Tycoon ransomware discovered using Java image files to target software firms

5 Jun 2020