Hollywood Presbyterian Medical Center

On February 5th, 2016, hackers used a ransomware attack to infect computers at Hollywood Presbyterian Medical Center.  The malware attack encrypted files on the hospital’s computer system and prevented staff from accessing their computers.

The hackers then demanded 40 Bitcoin, or $17,000  and offered to give back the data – only after the ransom was paid.  The only way to recover the files was to obtain the decryption key.

The attack lasted for about a week before the hospital ended up paying the ransom. IT experts were eventually able to regain control only after declaring an internal emergency.

During the shutdown, hospital staff returned to keeping records using paper and pen.  Some patients needing critical care were transported to different hospitals.  However, the hospital later claimed that regular operations remained the same and no patient files were affected.

In 2018, a New Jersey federal grand jury indicted two men who carried out the ransomware attack from Iran. The U.S. Department of Justice said the attack caused more than $30 million in losses and allowed the hackers to collect over $6 million in ransom payments.  The DOJ investigation found the cyber criminals accessed victim computers through security vulnerabilities and then installed SamSam Ransomware on the hospital computer system to carry out their digital blackmail scheme.