Ransomware Attack Forces Two-Physician Practice to Shut its Doors for Good.

Ransomware Attack

Even with nearly daily reports of cyber incidents reported in the news, many small physician practices are hesitant to purchase adequate cyber liability coverage. All healthcare organizations, regardless of size maintain some level of valuable personal or business information, whether it be on patients and/or employees. This makes any healthcare organization vulnerable to hacking, phishing, ransomware and other cyber scams. And in our current technology-dependent environment, the question is not if your organization will experience an incident but instead when, and will you be prepared.

A recent article from InCyberdefense explains how a two-doctor medical practice in Michigan was forced to shut down for good due to the widespread impact of a ransomware attack. Brookside ENT in Battle Creek, Michigan was impacted by a ransomware attack that demanded $6,500 to unlock a file containing backups of all medical records, bills and appointments that had been deleted through the malware. The physicians refused to pay the ransom, resulting in the permanent loss of all medical and billing records. They ultimately decided to close the practice on April 1. Many cybersecurity experts have commented that this is the first known incident where a physician practice has shut down as a direct result of a cybersecurity incident.

Smaller practices are particularly vulnerable because they simply cannot afford to have a full-time IT professional on staff, let alone someone who focuses on cybersecurity protocols and defenses. The article identifies other reported breaches that have recently affected physicians in Minnesota alone:

  • A malware attack at a Woodbury reproductive medicine clinic affecting 40,000 patients.
  • A hacking and e-mail phishing attack at a behavioral health clinic in the Duluth area resulting in the breach of 1,200 records.
  • A breach of 2,143 medical records at a community hospital district in Blue Earth.

The article goes on to indicate that there are many other cases that never go reported. Instead, the providers will pay the ransom and recover the files without ever issuing any public notification. This trend has made ransomware attacks a lucrative business model for hackers across the globe— further proving that this trend is only going to continue and grow. Simply thinking that your business or practice “is too small of a target” will only lead to severe implications for you, your patients and your employees.

Organizations should take a moment to learn from Brookside to prevent a similar fate.  While proactive cybersecurity action and planning may not always thwart these attacks, it certainly will provide valuable assistance in the response and recovery. This could be the difference between a small hiccup in operations to closing your doors for good.

Is your organization prepared to deal with a similar circumstance?  Have you taken the steps to minimize the likelihood that an attack could be successful?  Do you know where you would turn if a similar ransom demand was received?  Are you prepared to recover if your data was destroyed? 

There are cybersecurity tools and solutions available through risk management and insurance products designed to help all organizations, especially physician practices to address all of these questions.  Contact a trusted RCM&D advisor today to discuss your risks exposures and learn more about how to protect your organization from the devastating impacts of a cybersecurity incident.