Printed from

Hospital pays ransom in bitcoins to restore computer systems

Posted On: Feb. 18, 2016 12:00 AM CST

Hospital pays ransom in bitcoins to restore computer systems

A Los Angeles hospital has agreed to pay the equivalent of $17,000 in bitcoins to restore control of its computer systems, in a “ransomware” incident.

Allen Stefanek, president and CEO of Hollywood Presbyterian Medical Center, a private 434-bed facility, said in a statement Wednesday that on Feb. 5, the hospital staff noticed problems accessing the hospital's computer network, and an investigation by its information technology department determined it had been subject to a malware attack.

“The malware locked access to certain computer systems and prevented us from sharing communications electronically,” said the statement.

According to news reports, doctors at the hospital were forced to rely on telephones and fax machines to relay patient information, and communications between physicians and staff were bogged down by paper records and difficulty deciphering doctors' handwriting. There were also reports that ambulances had been diverted from the hospital.

The hospital received a ransom demand of 40 bitcoins, which is the equivalent of about $17,000, to obtain the decryption key to unlock the system, and paid it.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations we did this,” said Mr. Stefanek's statement.

He said the hospital has restored its electronic medical record system as of Monday. “All clinical operations are utilizing the (electronic medical record) system,” said the statement. “All systems currently in use were cleared of the malware and thoroughly tested. We continue to work with our team of experts to understand more about this event.”

The statement said also: “Patient care has not been compromised in any way. Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”

A hospital spokeswoman had no further comment.

In October, Cisco Systems Inc. said it had managed to disrupt the spread of one of the most pernicious systems for infecting Internet users with malicious software such as ransomware.

A Singapore-based chief security officer for Microsoft Asia, a unit of Microsoft Corp., predicted in December 2014 that while at that point ransomware had largely been confined to Australia, it would appear elsewhere as well.