Hackers demand ransom payment from Kansas Heart Hospital for files

By  | 

WICHITA, Kan. A hospital held hostage by hackers and denied access to its files until it pays a ransom. It's a crime that's been reported across the country, and now it's happened in Wichita.

It's called "ransomware" - hackers hijack your computer and hold the data until you pay up.

The Kansas Heart Hospital is the latest victim of this attack.

The hospital's president, Dr. Greg Duick, says the hackers never got access to patient information, but the attack did cause problems.

"Kansas Heart Hospital had a cyber attack occur late Wednesday evening," Duick said. "We suspect, as attacks other parts of the country, this was an offshore operation," he said.

Duick says hackers holding hospital files hostage is very common.

"Upwards of 45% of hospitals have received some kind of cyber attack. And multiple hospitals had additional attacks," he said.

About 9pm Wednesday, a hospital employee lost access to files.

"It would be like you're working on your computer and all of a sudden, your computer says, sorry can't help you anymore," Duick said. "It became widespread throughout the institution."

Hackers got into the system, and locked up the files, refusing to give back access unless the hospital paid up.

"I'm not at liberty because it's an ongoing investigation, to say the actual exact amount. A small amount was made," Duick said.

But even after the hospital paid, the hackers didn't return full access to the files. Instead, they demanded another ransom. The hospital says, it will not pay again.

"The policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy," Durick said.

The hospital was aware that an attack like this might happen, and it did have a plan

"That plan went into immediate action. I think it helped in minimizing the amount of damage the encrypted agent could do," Durick said.

"The patient information never was jeopardized and we took measures to make sure it wouldn't be," he said.

Durik also says the attack never impacted patient treatment and will help the hospital strengthen its response to future hackers.

Ransomware is so common that many hospitals, Kansas Heart, have insurance to help cover costs of cyber extortion.

The hospital is working with it's IT team and security experts restore the rest of the system.

Hospitals have become a favorite target of the ransomware scam. Earlier this year 10 Medstar facilities in the Washington region were part of a cyber attack that prompted the health care provider to shut down it's computer system.

Also in February a California hospital paid $17,000 in ransom to regain access to its medical records.