CEO Steve Long, president, and CEO of Hancock Regional Hospital was forced into paying bitcoin to hackers. It was in the month of January this year. Long was notified that his computer systems were hacked and encrypted through ransomware planted by an anonymous criminal group.
As reported by CNBC this happened due to the hackers got access to the login credentials of one of the hardware vendor who provides hardware for one of the computer systems used by the hospital. The hackers used the access and then injected a group of malware to encrypt the hospital patient’s data.
The hackers gave seven days of time for the hospital to play the ransom money through bitcoin payment. Then Long hired a to a cybersecurity company named Pondurance to find and recover the data that has been encrypted. But the cybersecurity team commented that there is no easy way to get the data back and the only way is to get it by paying the hackers and getting the decryption key to get the clear data.
As CEO and President of Hancock Regional Hospital, Long wanted to make sure that his patient’s data was secure and safe and at the end, he was forced to pay the hackers in bitcoin.
“We were very prepared. We understood that cyberattacks are common,” Long told CNBC.
Hancock paid about $55000 in bitcoin to the hackers. At that time in January, bitcoin was selling above $13,000. Hancock got the encryption keys by transferring 4 bitcoins to the hackers.
During the investigation, they found out that no data of the patients have been stolen and the hackers planned only to plant the ransomware to get paid.
After these attack took place Long travels around the country guiding other health-care facilities. He said he has 4 to 5 talks with various health-care groups and IT organizations on “patient safety and restoration” this should guide everything a health organization must do in such an event.