Clinic Pays Ransom to Regain Access to EMR

A New Jersey clinic locked out of its computer systems by ransomware opted to pay the hackers to regain access.

On July 27, computer systems at New Jersey Spine Center in Chatham, New Jersey, were infected with CryptoWall ransomware, according to a letter sent to affected patients and posted to the Oregon Department of Justice Consumer Protection security breach database. By the time the ransomware was detected, it had encrypted the clinic’s electronic medical records (EMR). The infection spread to the clinic’s most recent backups, encrypting those as well, and even disabled the phone system. According to the Office for Civil Rights’ (OCR) breach portal, 28,000 individuals were affected by the breach.

Infected files contained individual’s treatment and payment information including:

• Addresses
• Clinical information
• Credit card information
• Dates of birth
• Social Security numbers

Local and federal law enforcement were notified, but, unable to restore a backup and seeing no other option, the clinic opted to pay the ransom, the letter said. The amount of ransom paid was not disclosed. Full access to the files was restored August 1, the clinic said in a statement.

The clinic is offering affected patients one year of free identity protection and credit monitoring services.