• United States



Senior Staff Writer

Ransomware takes Hollywood hospital offline, $3.6M demanded by attackers

Feb 14, 20162 mins

Network has been offline fore more than a week, $3.6 million demanded as ransom

Update: In a statement, the hospital confirmed that a ransom (less than what was previously reported by consultants) was paid in order to return the network to working order. A copy of the official statement is here.

“The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom  requested was 40 Bitcoins, equivalent to approximately $17,000. The malware locks systems by  encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient  way to restore our systems and administrative functions was to pay the ransom and obtain the  decryption key. In the best interest of restoring normal operations, we did this.” –  Allen Stefanek, President and CEO, Hollywood Presbyterian Medical Center

Original story:

The computers at Hollywood Presbyterian Medical Center have been down for more than a week as the Southern California hospital works to recover from a Ransomware attack.

According to officials HPMC, they’re cooperating fully with the LAPD and FBI, as law enforcement attempts to discover the identity of the attackers.

However, in the meantime the network is offline and staff are struggling to deal with the loss of email and access to some patient data.

The hospital’s President and CEO, Allen Stefanek, said the situation was declared an internal emergency, telling NBC LA that the hospital’s emergency room systems have been sporadically impacted by the malware.

Some patients were transported to other hospitals due to the incident. In other parts of the hospital, computers essential for various functions, including CT scans, documentation, lab work, and pharmacy needs are offline.

The hospital’s network has been down for at least a week, forcing staff to rely on fax machines and telephones to get work done.

Registrations and medical records are being logged on paper and staff have been told to leave their systems offline until told otherwise.

Stefanek said the attack was random, but didn’t expand on any of the technical details. Sources who spoke to NBC LA and Fox 11 in LA described the attack with descriptions matching a typical Ransomware infection.

The type of Ransomware responsible for shutting down the hospital remains unknown, but one local computer consultant said the ransom being demanded was about 9,000 BTC, or just over $3.6 million dollars.