Industries & Practices

Privacy & Data Protection


    Hospital pays (reduced) ransom

    The cyber-attack involving Hollywood Presbyterian Medical Center in Los Angeles came to a quick end. The hospital had been the victim of a cyber-attack that shut down the its network. Hackers found a way into the hospital’s system, then used a type of malware known as ransomware to disable the hospital’s computer systems. Initial reports indicated that the hackers demanded upwards of $3.6 million to get the systems back up and running. The hospital’s president and CEO, Allen Stefanek, however, issued a letter stating that the hospital ended up paying about $17,000. “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this,” he said. 

    These kinds of attacks are not new or even unique to hospitals, but they are on the rise. The hospital’s situation, along with the increase in frequency of cyber-attacks, highlights the need to take steps on the front end to prevent these kinds of attacks and to have a plan in place in the event that such an attack does occur. Recognizing that preventing all attacks is unrealistic, most organizations are well advised to create redundant data stores so that operations can continue if the primary data store is held hostage.

    This is for informational purposes only. It is not intended to be legal advice and does not create or imply an attorney-client relationship.

    Download PDF