RANSOMWARERansomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later.
The hack shut down the system for processing claims, billing and verifying patients’ eligibility for receiving care. Prescriptions were delayed, while discharging patients from hospitals and issuing paychecks for medical workers also were targeted.
The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association.
It is just the latest example of an increasing trend.
“We’ve worked on cases for really small hospital systems with a couple dozen beds where a payment may need to be made in order to not have to divert critical services like ambulances to a rural district that’s 100 miles away,” Meredith Griffanti, FTI Consulting’s Global Head of Cybersecurity and Data Privacy Communications, told VOA.
In ransomware attacks, criminal hackers encrypt victims’ computer systems and demand large sums of money to unlock the data, keep it from being made public or sold on the dark web — part of the internet inaccessible through common web browsers.
In a report in January, Emsisoft, a cybersecurity company, said 46 hospital systems with a total of 141 hospitals in the United States were affected by ransomware in 2023. In at least 32 of 46 systems, protected health information was stolen.
In November 2023, a ransomware attack on Ardent Health Services, which operates 30 hospitals, caused cancelation of patients’ procedures, while ER patients had to be rerouted to other hospitals in three U.S. states.
Among other consequences are locked health records, which makes it impossible for doctors to see allergies of patients and medicines they take, as well as delayed testing and scanning services.
University of Minnesota School of Public Health experts estimate that ransomware attacks killed 42 to 67 Medicare patients between 2016 and 2021.
Compromised Information
“2023 was the year in which the behavior of the threat actors and the aggression, the aggressive extortion tactics, really started to knock your socks off,” said Griffanti of FTI Consulting.
“We saw everything, from death threats, bouquets of flowers sent to CEOs houses. … We saw released pictures of executives’ family members and executives themselves on dark websites,” she said.
