Ransomware Attacks Hit Health Care Organizations


On May 12, 2017, multiple health care organizations throughout the world reported widespread “ransomware” attacks against their computer systems, many of which house protected health information (PHI). According to several reports, the cyber-attack has affected as many as 150 countries and infected 300,000 targets, including hospitals, universities and government agencies. Ransomware can be delivered via a link within or as an attachment to an email. If opened, these links or attachments take the recipient directly to a malicious website that a hacker can use to gain access to the system and place malware. If infected, the computer’s hard drive is encrypted and locks the user out of computer files, including PHI. Hackers then demand a ransom in order to regain access to the system, and in some cases, threaten to delete the information altogether if their demands are not met.

The Department of Homeland Security, as well as other government agencies, has advised affected and at risk entities not to click on suspicious or unknown links and to only open emails from known individuals from whom emails are expected. Organizations are also urged to keep malware prevention and anti-virus protection up to date. For more information about these ransomware attacks and how to protect your organization from becoming a victim, please see the links below:

Related Practices:   Healthcare Law

Related Attorney:   Lani M. Dornfeld, John D. Fanburg