GREENFIELD, Ind. -- Hancock Regional Hospital has control of its computer systems once again, after management decided to pay the ransom demanded by a hacker.
The hospital’s files were attacked last Thursday by ransomware known as SamSam, infecting more than 1,400 files before hospital security managed to contain it. Hancock Regional’s CEO says they considered attempts to bypass the hack and not pay the amount demanded by the hacker – four bitcoins, worth roughly $55,000 at the time.
But several factors changed their minds.
“With the ice and snow storm at hand, coupled with the one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients,” said Steve Long, Hancock Regional CEO. “Restoring from backup was considered, though we made the deliberate decision to pay the ransom to expedite our return to full operations.”
Long says the hospital paid the ransom late last Friday night, with help from their attorneys and a security company based in Indianapolis. By Monday, access to the infected files was restored as promised, and the hospital resumed full digital operation.
Doctors and staff were left to conduct business by hand while the computer files were infected, but Long says the support systems of the hospital remained unaffected and patient safety was never at risk.