Cyber-attack leads Hancock Health to pay hackers up to $50,000

By Catherine Sturman
The number of cyber-attacks within the healthcare sector is steadily rising. The demand to access data which is unchangeable, personal and highly confid...

The number of cyber-attacks within the healthcare sector is steadily rising. The demand to access data which is unchangeable, personal and highly confidential has seen healthcare organisations up their game in order to mitigate increased risks surrounding their security.

Hancock Health in Indiana is one recent example, where a ransomware attack has led to the organisation paying up to $50,000 in order to reobtain patient data, medical records and confidential emails. Named SamSam, the hacker gained access through the hospital’s remote-access portal, and locked healthcare professionals out of their systems, altering over a thousand file names to one sole name – “I’m sorry.”

It has been one of the rare times in which a hospital provider has paid the ransom to reobtain patient data, where the organisation worked with legal teams, cyber security experts and the FBI in order to understand how to best resolve the issue.

Upon paying the ransom, it is clear that no patient data was compromised, and the move was solely to receive payment, and not to use the data for other means. The systems were then gradually unlocked.

See also

 “We were in a very precarious situation at the time of the attack,” explained Hancock Health CEO Steve Long. “With the ice and snow storm at hand, coupled with one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients.

Restoring from backup was considered, though we made the deliberate decision to pay the ransom to expedite our return to full operations.”

Nonetheless, to pay the ransom can further encourages hackers to try their luck at penetrating healthcare systems, many of whom are investing in stronger cyber-security, yet are still vulnerable to attack. It is imperative for healthcare organisations to mitigate any potential risks to guarantee not only the safety of patient data, but the full trust of patients and partnering organisations.

The recent breach follows on from Coplin Health Systems, who had to notify over 40,000 patients that their data had been compromised upon the theft of an employee’s laptop from a car late last year. Although adequate security measures were taken, the data was unencrypted, making it vulnerable to attack. However, it has been reported that all functionalities surrounding the laptop have been shut down remotely and it has not been used since, and is routinely monitored.


Featured Articles

Johnson & Johnson: Turning supplier spend into local support

Johnson & Johnson’s Global Supplier Diversity & Inclusion team is growing spending with social enterprises around the globe to expand its impact

Seasonal Affective Disorder’s impact on health & solutions

Dr Ravi Gill & Dr. Naomi Newman-Beinart discuss Seasonal Affective Disorder and its treatments, from vitamin D spray to light therapy

CGI teams up with Totalmobile for digital healthcare service

CGI is driving efficiency in healthcare. Hear from Helena Jochberger, at Manufacturing Digital LIVE, a free virtual event on Wednesday 6th December 2023

Deloitte: generative AI can improve access to healthcare

Technology & AI

Wipro & NVIDIA’s revolutionary healthcare uses generative AI


Healthtech platform CoverSelf extends seed round to US$8.2m

Technology & AI