More than 522,000 Puerto Rico Patients Impacted by Ransomware Attack
More than half a million patients in Bayamón, Puerto Rico have been affected by a ransomware attack on a medical center and its associated hospital.
Bayamón Medical Center and Puerto Rico Women and Children’s Hospital discovered on May 21, 2019 that their computer systems had been infected with ransomware. The ransomware encrypted a wide range of files and prevented hospital staff from accessing patient information ‘for a short period of time,’ according to a July 19, 2019 press release announcing the attack.
Approximately 522,000 current and former patients are being notified about the ransomware attack as a precautionary measure. The internal investigation into the attack confirmed that patient information was affected, but no evidence of unauthorized data access or theft was identified.
The information potentially compromised was limited to names, demographic information, clinical information, financial information, and in some cases, diagnosis information, dates of birth, and Social Security numbers.
The ransomware attack only rendered data temporarily inaccessible and all patient information has now been restored without data loss. It is unclear whether the ransom demand was paid for the keys to unlock the encryption or if systems were rebuilt and data restored from backups.
The ransomware attack has been reported to the Department of Health and Human Services’ Office for Civil Rights as two separate breaches affecting 422,496 patients of Bayamón Medical Center and 99,943 patients of Puerto Rico Women and Children’s Hospital.
The incident is the latest in a string of ransomware attacks on healthcare organizations. Data from Malwarebytes indicates ransomware attacks increased by 195% in Q1, 2019 and a recently published report from Coveware shows ransomware attacks increased by 184% in Q2. Last month, Carbon Black released the findings of a survey which indicated 66% of healthcare organizations had experienced a ransomware attack in the past 12 months.
Until ransomware stops being profitable or a more lucrative method of attacking businesses is found, ransomware attacks will continue. With ransom payments of tens of thousands of dollars being paid to attackers, it is probable that the problem will get much worse before it gets better.