Hollywood Hospital Pays Off Hackers To Restore Computer System

February 18, 2016, 7:32 PM UTC
Online Crime
BERLIN, GERMANY - AUGUST 20: Symbolic feature with topic online crime, data theft and piracy and hacker, here the silhouette of a person with a laptop in his hands, on Augut 20, 2015 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)
Photography by Thomas Trutschel Photothek via Getty Images

A Hollywood hospital whose internal IT systems were held hostage by hackers decided that it would pay a ransom in order to gain back access to its systems.

Hollywood Presbyterian Medical Center paid hackers 40 bitcoins, which equals to roughly $17,000, and on Monday restored its electronic medical record system, according to a statement by Hollywood Presbyterian Medical Center CEO Allen Stefanek. Stefanek said that all of the hospital’s clinical operations use that medical record system.

Reports that the ransom was around $3.4 million were false, said Stefanek.

Get Data Sheet, Fortune’s technology newsletter.

The CEO said staff had problems accessing the hospital’s computer network on February 5. IT staff then discovered malware that encrypted certain network files and prevented workers from accessing the medical record system. In exchange for a ransom, the hackers said they would give the hospital the necessary decryption keys to unlock the files and gain back access.

A local NBC news station talked to an unnamed hospital doctor who said the locked-down computer systems were used for patient care documentation and the sharing of lab work, X-rays and CT scans.

The hospital notified law enforcement and computer experts to help bring the system online, said Stefanek.

However, whatever recommendations the experts or law enforcement gave to the hospital to gain back access to the systems were apparently not as effective as paying off the ransom.

For more on cybersecurity, watch our video:

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” said Stefanek. “In the best interest of restoring normal operations, we did this.”

Stefanek said the malware has been removed from the hospital’s systems and that “patient care has not been compromised in any way.” Based on the hospital’s evidence, the hackers did not access any patient or employee information, he said.

At this time, it’s unclear how the malware was installed on the hospital’s network in the first place.

So-called ransomware can be spread to computer networks through phishing campaigns, in which unwitting users click on rigged emails sent by attackers that look like legitimate. By clicking on a link on a the fraud email, a user can potentially download malware that locks down the computer and then asks for a ransom to unlock the machine.

Security company Palo Alto Networks (PANW) earlier this week said a new type of ransomware called Locky has been gaining in popularity and spreads itself onto computers through corrupted Microsoft Word documents attached in emails.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward