A Los Angeles based healthcare firm made an official announcement today that its servers were hit with ransomware in June this year. The Medical center also added in its media briefing that its IT staff succeeded in removing the virus to decrypt the data. However, the spokesperson remains tight lipped on whether a ransom was paid to free up the servers from the virus.
Cybersecurity Insiders has learned from its sources that the servers of Pacific Alliance Medical Center(PAMC) were hit by ransomware on June 14th,2017. And as soon as the officials of the healthcare firm learned about the situation they immediately reacted by shutting down the network to prevent further spread of the virus.
The IT team of the medical center discovered in its initial investigation that several PAMC computers were impacted in the cyber attack. However, they are not sure whether the data on the malware infected servers were compromised.
PAMC disclosed in its press release that the impacted servers contained info such as personal and medical info, such as names, demographic details, social security numbers, date of births, employment info, insurance details, diagnoses, medical images, and the like.
FBI, California Department of Public Health, California Attorney General, and the US Department of Health and Human Services Office for Civil Rights were informed about the cyber attack by PAMC on June 24th,2017.
Pacific Alliance Medical Center(PAMC) has announced that it will offer two years of free identity theft protection services to all its patients. The company also mentioned in its briefing that it has strengthened its networkās virus detection capabilities and has replaced some hardware and software to prevent such attacks in future. The healthcare services provider has also emailed the details of the cyber attack to all its patients and is ready to respond to their concerns through proper channel.
Note- In May 2017, Trump signed an executive order that makes senior level executives and company directors accountable for cyber attacks which target their respective companies. The order also stresses on the fact that healthcare providers should determine with certainty that hackers were unable to access data during a ransomware attack.
