L.A. Hospital Pays Bitcoin Ransom Over Hacked Medical Records

Updated on

Hollywood Presbyterian Medical Center was recently forced to pay $17,000 to hackers via bitcoin in order to see its electronic medical records returned following a malware attack.

Hospital put records online, blame Obama?

“To improve the quality of our health care while lowering its cost, we will make the immediate investments necessary to ensure that, within five years, all of America’s medical records are computerized,” said President Obama in 2009.  “This will cut waste, eliminate red tape and reduce the need to repeat expensive medical tests.”

While a noble idea and a good idea, you still need security as Allen Stefanek, president and chief executive of Hollywood Presbyterian Medical Center lamented yesterday.

“On the evening of February 5th, our staff noticed issues accessing the hospital’s computer network,” he wrote. “Our IT department began an immediate investigation and determined we had been subject to a malware attack. The malware locked access to certain computer systems and prevented us from sharing communications electronically.”

While that wouldn’t necessarily have been a problem a decade ago, this hospital and others become crippled when all their information is stored electronically but at the same time is inaccessible.

Hospital pays the Bitcoin ransom

Shortly after the hospital’s system was breached, the hospital was contacted by the hackers and the decision to pay about $17,000 in bitcoins was made to restore the system quickly.

“The reports of the hospital paying 9000 Bitcoins or $3.4 million are false,” said Stefanek. “The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000.”

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek’s statement said. “In the best interest of restoring normal operations, we did this. ”

According to security experts, this is becoming the preferred means by which to handle these affairs especially when a very “reasonable” amount of ransom is requested. And being a hospital in the United States, they will simply pass these costs on to patients.

Perhaps the biggest surprise in this story is the hospital’s willingness to make the payment public, many of these attacks simply go unannounced for obvious reasons.

Because the hospital went public, the FBI and LAPD are investigating the matter.

Signup to ValueWalk!

Get the latest posts on what's happening in the hedge fund and investing world sent straight to your inbox! 
This is information you won't get anywhere else!