Media Report: Finger Lakes Health Paid Ransom, Restoring Systems After Cyber Attack

According to an article in the Finger Lakes Times posted Sunday, Finger Lakes Health officials confirmed on Friday that a payment was made following the “ransomware” attack that disabled the health system’s electronic systems for about a week.

Officials with Finger Lakes Health, a three-hospital healthcare delivery system in Geneva, New York, confirmed last week that the health system was hit with a ransomware attack early Sunday, March 18. The health system was notified electronically that specific systems had been encrypted by an unknown entity, with that entity demanding payment to gain access to the systems. Computers and other electronic systems were shut down within an hour of health system officials being notified of the attack. Health system officials also said at the time that there was no indication that patient or employee information had been compromised.

Finger Lakes Times reporter Mike Hibbard reports that Lara Turbide, Finger Lakes Health’s vice president of community services, said the agency continues to bring systems back online after the cyber attack. Since the attack, the health system has been working with IT security professionals — both internal and external — to resolve the issue, Hibbard reported.

“Turbide said Finger Lakes Health’s information services team has been working around the clock and bringing systems back online in a step-wise approach. Email, internet, the majority of phone line access and several other electronic systems have been restored,” Hibbard reported in the article.

Further, the article quotes Turbide: “We are continuing to use our downtime paper procedures, which we have in place and utilize for situations including weather emergencies, power outages or other situations in which we have limited electronic access. This underscores the reason that we regularly conduct downtime procedure drills which proved useful in our response preparedness.”

According to the article, Turbide also said the recovery of systems was due significantly to the agency’s prompt response after being notified of the attack.

The Finger Lakes Times article quotes Turbide as stating, “Our immediate action to reduce connectivity and bring our own systems offline to protect them and patient/resident/employee care and information was effective and served an important purpose. The response process which we had in place worked to reduce the severity of the impact. Our experts have shared that this was a sophisticated attack that was only directed at extortion of money and not to access information.”

And, the article also reports, “The FBI continues to investigate. Turbide said Finger Lakes Health has kept the FBI apprised of its work, including a decision to leverage the agency’s insurance carrier to make a payment to accelerate the recovery process. Turbide has repeatedly declined to say how much ransom was demanded.”

And, Hibbard quotes Turbide in the article as stating, “We made this decision in the interest of patient and resident care to minimize patient inconvenience and to move past this incident as quickly as possible.”