Hackers demand $3.6 million ransom for return of hospital’s data

David bisson
David Bisson


Hackers are demanding a ransom payment of $3.6 million following an attack against a Southern California hospital.

NBC4 reports that staff at the Hollywood Presbyterian Medical Center began noticing “significant IT issues and declared an internal emergency” late last week.

A doctor who wishes to not be identified told NBC4 that the hospital’s IT system had been hacked and was being held for ransom.

Sign up to our free newsletter.
Security news, advice, and tips.

Computer forensics experts, the FBI, and the Los Angeles Police Department are currently investigating the attack.

In the meantime, the hospital continues to cope with a degraded computer network.

Hard driveSeveral departments, including radiology and oncology, have been shut down and are not allowed to turn on their computers until the attack has been resolved, writes The Medical Quack.

All other departments have resorted to communicating via jammed fax and phone lines, with registrations and medical records being logged on paper.

As a result of these complications, some outpatients have missed their treatments, while some patients are being transferred to other hospitals.

CSO Online notes that the type of malware used in the hospital attack is currently unknown. However, a local computer consultant has stated that the hackers are demanding a ransom of 9,000 Bitcoins be paid – approximately $3.6 million – in return for the restoration of the hospital’s data.

Lincolnshire County Council

Security observers balked at reports that attackers were demanding a ransom payment of £1 million for an attack against Lincolnshire County Council earlier in February.

So, no one was really surprised when BBC News stated that the earlier claim of £1 million had been revised to a paltry £350.

$3.6 million, by comparison, is about twice the first-reported ransom demand in the Lincolnshire attack, and no-one has so far denied its accuracy.

BitcoinVery little is known about why the ransom demand of the Hollywood Presbyterian Medical Center is quite so high.

Catalin Cimpanu of Softpedia believes that only two scenarios are plausible: either the ransomware spread to a number of computers in the hospital via a local LAN server, causing the ransom demand for all affected computers to total 9,000 BTC, or the attackers are exploiting the infection of a small number of key computers to an almost unreal degree.

This case highlights the importance of regular data back-ups for organizations and ordinary users alike.

At this time, it is unclear to what extent patients’ information might have been affected by the attack. We can only hope that secure backups of encrypted data have been maintained, or that the forensics experts identify the ransomware quickly and find it to be a variant for which a decryption tool has already been produced. Otherwise the hospital could face a very heavy payment in its near future.

Hit by ransomware

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

2 comments on “Hackers demand $3.6 million ransom for return of hospital’s data”

  1. Dave

    I'm starting to feel like hackers are becoming such a menace to society that eventually there will be a global sentiment to treat modern-day hackers like the world dealt with pirates in the 15th thru 18th centuries (and interestingly how the Russians dealt with modern day pirates off the coast of Africa in a similar way in our current politically correct environment).

    The article about hackers stealing hospital information could be easily interpreted as attempted murder (or outright murder when someone dies) since much of that information they stole may save those patients lives that are not accessible now to other medical facilities when those people become injured or sick. The same thing goes for hacking databases of government workers and publishing the information online, that puts lives in danger.

    I would be 100% in favor of death penalties for hackers, this is a scourge to society that needs to be dealt with swiftly and with an iron fist approach. The only other way to deal with this is to have stern sentences (say 10 years for the first offense and life imprisonment for a 2nd offense).

    Personally, I like the idea of bringing back the gallows for many types of criminals including these modern day pirates.

    1. Tom · in reply to Dave

      I second the motion for Death Penalty for Internet Criminals. Hackers is an overly broad category though which at least in the past included non-criminals.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.