LA hospital pays £12,000 Bitcoin ransomware demand

Hackers 'did not' access patient or employment data in attack locking staff out of computers

A Los Angeles hospital has paid cybercriminals a Bitcoin ransom demand of 12,000 to restore access to its medical database.

The Hollywood Presbyterian Medical Center shut down its computer network on 5 February, following a ransonware cyber attack that has lasted more than a week.

Ransomware commonly refers to malware attacks that encrypt data and demand payment before the user can obtain the decryption key.

Hospital staff were locked out of online patient records and test results, forcing them to resort to pens, pads, phones and fax machines for many tasks usually handled on computers.

Advertisement - Article continues below

As soon as the hospital identified the attack, it called in investigators from the Los Angeles police department, FBI and a private cyber forensics firm.

After more than a week of working with the experts however, managers decided to pay the ransom.

"The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom," said hospital president and CEO Allen Stefanek in a statement. "In the best interest of restoring normal operations, we did this."

Early reports initially claimed the criminals had demanded 9,000 bitcoins (2.6 million), but the hackers only received 40 bitcoins.

Stefanek added that there was no evidence at this time that hackers accessed any patient or employee information.

The identity of the ransomware attackers is still unknown, but some reports have suggested that the attack was random rather than specifically targeted at the hospital.

Cyber attacks such as ransomware are becoming an increasing threat to businesses and public organisations.

The malware attack against the hospital follows Kaspersky Lab's own investigations into hospitals' vulnerabilities, saying it was "scary" how easy it is to hack hospitals.

Lincolnshire County Council was also the victim of a similar malware attack last month, but the council refused to pay the demand.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now



Best antivirus for Windows 10

3 Sep 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Best free malware removal tools 2019

8 Mar 2019

Most Popular

mergers and acquisitions

Xerox threatens hostile takeover after HP rebuffs $30bn takeover

22 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
IT infrastructure

TSB payment delays suggest second IT meltdown

22 Nov 2019

Salesforce takes AWS relationship to the next level

19 Nov 2019