Michigan medical practice refuses to pay the ransom - all data erased

Ransomware attack on Michigan medical practice: all patient data, including appointment schedules, get wiped

Michigan medical practice hit by ransomwareTwo doctors decided to not pay the ransom and now medical practice need to rebuild their database from scratch. Michigan medical practice named Brookside ENT and Hearing Center was hit by undisclosed ransomware and then asked to pay $6,500 for the file recovery.[1] However, attle Creek doctor's office decided not to trust these criminals and refused to pay up. Now, the medical practice center needs to rebuild its database that got wiped clean by attackers.[2]

While all data, including patient information, payment details, and even appointment schedule, was erased from the system, Dr. Willian Scalf and his partner Dr. John Bizon decided not to pay the demanded ransom since there was no guarantee to get those files back and retire early.

As a result, doctors decided to close the office permanently on April 30th and, in the meantime, are planning to refer people to other practices. Rebuilding the database from scratch was the only option, so Scalf and Bizon decided to retire after the incident.

Lost data builds up the devastation among patients

Reports have revealed that Ann Ouellette, mom of a 13-year-old girl, was shocked after the hearing the news about this incident. After medical records got deleted, the mother will be forced to start all over again with her daughter's scheduled appointments.[3]

The girl was supposed to come for a follow-up after the infection that occurred after the surgery. The office refers to other institutions but, since the medical records are gone, there is no information about what happened during the operation. Additionally, the girl had hearing tests done before that will have to be repeated as well.

Ann Oullette stated:

What am I going to do now because she just had surgery, who is going to follow up?

As usual, the FBI was called for the investigation, but no significant results have been revealed for the public yet. According to Bizon, his office at Battle Creek's Brookside Medical Center was the only one impacted at the time. There is no information about the certain type of ransomware virus or other details.

Is paying the ransom the only option when hit by the cryptovirus

Paying the ransom is not always the best option since there are numerous examples when businesses didn't get anything after paying. Although there have been several positive reports in the last few months when companies did receive their files after the ransom, it is not common practices.[4]

In this case, two now-retired doctors decided not to recover important database files by paying the demanded $6,500 ransom and close the center instead. Security experts also advise keeping away from paying because cybercriminals are not trustworthy or reliable. However, if ransom payment is the only solution to save patients' lives, getting data back should be the priority, and all the measures are acceptable.

According to recent tendencies, when people's rights are brought to second place due to exaggerated reports about disease outbreaks, computer viruses are not taken for granted. Companies should also take care of the data backups and take other precautionary measures against malware attacks.

It seems that the health sector is especially popular among ransomware developers. According to analysis, 45 percent of all ransomware cases in 2017 were found in the healthcare sector.[5] In 2018, this sector was struggling with cryptoviruses at the same pace.

About the author
Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions

Read in other languages