All of records erased, doctor’s office closes after ransomware attack
May 14, 2019
A computer virus recently injected itself into the electronic medical record system of Brookside ENT & Hearing Services and ruined the business.
The two-doctor medical practice in Michigan has apparently become the first health care provider in the nation to shut its doors for good because of a ransomware attack, according to half a dozen cybersecurity experts contacted in the past week. Hackers are targeting Minnesota hospitals and clinics at an escalating pace, including four breaches involving patient files already reported in 2019, though any interruptions of work have been temporary.
At Brookside ENT in Battle Creek, Mich., the ransomware virus started by deleting and overwriting every medical record, bill and appointment, including the backups. The virus left behind a duplicate of the deleted files, which could be unlocked with a password that the attacker promised to provide for $6,500 in U.S. currency wired to an account, doctors at the clinic said.
Scalf said an “IT guy” advising them on the attack determined that the attacker did not view the medical records, so the infection wasn’t formally reported as a breach under the federal HIPAA law. But lacking any medical and billing records, the doctors closed the business on April 1 and retired about a year before they planned to.
Those totals put Minnesota on track to exceed the 10 health data breaches recorded in 2018. The largest breach last year affected 20,800 records following an e-mail hacking incident at the Minnesota Department of Human Services.