Park DuValle Community Health Center has paid a ransom of $70,000 following a ransomware attack in June. The healthcare center had suffered an attack earlier in April 2019. However, it had managed to restore the affected systems without paying the ransom.
According to the statement by Elizabeth Ann Hagan-Grigsby, Park DuValle’s CEO, the organization has not been able to access its records or appointment scheduling system since June 7, 2019, because of the ransomware attack.
It is further found four clinics of the healthcare center have not been able to make appointments for the last seven weeks. Due to the failure to make appointments, the clinics had to rely on patients’ memories about previous treatments and medications. Also, they had to write it all on paper and store files in different boxes.
“This is everything. This is medical records, contact information, insurance information, anything about a patient...everything is gone,” Hagan-Grigsby said, WDRB.com reported.
“The records involved are for past and present patients,” she added.
Second attack in four months
Park DuValle had suffered its first ransomware attack on April 2, 2019. This had caused the healthcare center to lose access to its records for about three weeks.
Following the attack, the organization had rebuilt the record system using its back up data. But that option was not available when hackers struck again in June.
The organization had decided to pay the ransom after consulting with the FBI and information technology specialists. The payments were made in installments in the form of 6 bitcoins.
With the decryption keys provided by the hackers, the organization expects to restore the data by August 1, 2019.