Source: Bleeping Computer
Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity.
The attack was detected on Monday around 7 p.m. and the IT department worked through the night to reduce the impact on local health services.
Patient data likely safe
On Tuesday, GPHealth announced that it was canceling a large number of non-emergent patient appointments and procedures. This decision does not affect surgeries and select imaging procedures, which continued as planned.
Mel McNea, GPHealth chief executive officer, says that there is no reason to suspect that patient data was accessed but the organization will do a full audit, nevertheless.
Ransomware encrypts files on affected systems and is not typically associated with data theft. However, a new trend is prefiguring where data is stolen before being encrypted by the malware.
The group behind Maze ransomware carried out such an attack and threatened the victim company that they would leak the stolen data unless they paid 300 bitcoin ($2.3 million at the time) for the decryption key.
When the company refused to pay the ransom, Maze operators kept their word and published a cache of 700MB worth of files.
Well on its way to recovery
A statement on Facebook from GPHealth informs that there is no reason to believe that patient information was accessed during the attack on their systems.
The facility also says that it is cooperating with law enforcement during the investigation. At this moment, it is unclear what ransomware strain was used in the attack or if the ransom was paid to restore the encrypted data.
The same post announces that the center was in normal health systems operations. In an update today, the organization says that it is working on phone issues.