Ransomware Attack Forces Michigan Practice to Close its Doors

April 4, 2019

A Michigan medical practice has closed its doors after a ransomware demand was deemed too costly to pay, according to a report from WWMT, a CBS-affiliated television station in the area.

Doctors at the Battle Creek, Mich.-based Brookside ENT and Hearing Center—a one-group practice—recently saw their entire system get booted offline, with the hackers demanding $6,500 in exchange for a code to access the files, according to the local report.

Two of the practice’s partners, William Scalf, M.D., and John Bizon, M.D.—both otolaryngology specialists—decided they would not pay the ransom, with the logic being there was no guarantee the code would unlock the files, or that more money wouldn’t be demanded after they paid. “It's devastating," Scalf said, according to the report. As such, Scalf and Bizon decided that retiring early was a better decision than building the practice from the ground up.

The FBI is investigating the hack, but all of office's files, including appointment schedules, payment and patient information has already been erased, according to the report, which also added that the practice’s electronic medical record (EMR) system was encrypted, meaning the files could not be copied or shared—just deleted.

In 2016, the FBI publicly stated that “Paying a ransom does not guarantee the victim will regain access to their data; in fact, some individuals or organizations are never provided with decryption keys after paying a ransom. Paying a ransom emboldens the adversary to target other victims for profit, and could provide incentive for other criminals to engage in similar illicit activities for financial gain. While the FBI does not support paying a ransom, it recognizes executives, when faced with inoperability issues, will evaluate all options to protect their shareholders, employees, and customers,” FBI officials stated.

Especially following the global WannaCry ransomware attack from 2017, there has been significant debate in healthcare circles about what hospitals and medical groups should do in the face of a ransom demand. The industry has been a prime target, regardless; in 2017, healthcare accounted for 45 percent of all ransomware attacks.

The Brookside ENT and Hearing Center office plans to permanently on April 30, and until then it will work on responding to patients’ questions and providing referrals, according to the local report.

Photo 95433616 © Benjawan Sittidech | Dreamstime.com
Photo 110251842 © Sherryvsmith | Dreamstime.com
Dreamstime Xl 110251842
Photo 127239865 © Awargula | Dreamstime.com
Dreamstime Xxl 127239865
Photo 134858757 © Airdone | Dreamstime.com
Dreamstime Xxl 134858757