Network has been offline fore more than a week, $3.6 million demanded as ransom Update: In a statement, the hospital confirmed that a ransom (less than what was previously reported by consultants) was paid in order to return the network to working order. A copy of the official statement is here.“The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000. The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.” – Allen Stefanek, President and CEO, Hollywood Presbyterian Medical CenterOriginal story:The computers at Hollywood Presbyterian Medical Center have been down for more than a week as the Southern California hospital works to recover from a Ransomware attack.According to officials HPMC, they’re cooperating fully with the LAPD and FBI, as law enforcement attempts to discover the identity of the attackers. However, in the meantime the network is offline and staff are struggling to deal with the loss of email and access to some patient data.The hospital’s President and CEO, Allen Stefanek, said the situation was declared an internal emergency, telling NBC LA that the hospital’s emergency room systems have been sporadically impacted by the malware. Some patients were transported to other hospitals due to the incident. In other parts of the hospital, computers essential for various functions, including CT scans, documentation, lab work, and pharmacy needs are offline.The hospital’s network has been down for at least a week, forcing staff to rely on fax machines and telephones to get work done.Registrations and medical records are being logged on paper and staff have been told to leave their systems offline until told otherwise.Stefanek said the attack was random, but didn’t expand on any of the technical details. Sources who spoke to NBC LA and Fox 11 in LA described the attack with descriptions matching a typical Ransomware infection.The type of Ransomware responsible for shutting down the hospital remains unknown, but one local computer consultant said the ransom being demanded was about 9,000 BTC, or just over $3.6 million dollars. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe