ECMC reveals cyber attack demanded a ransom the hospital refused to pay

Posted at 9:17 AM, May 17, 2017
and last updated 2017-05-17 11:50:52-04

A cyber attack last month on Erie County Medical Center involved a ransom demand of thousands of dollars, the hospital confirmed.

The Level I trauma hospital refused to pay the ransom demanded by an international source. ECMC is still recovering from the attack that led to a shut-down of all internal computer systems and email, including electronic medical records and billing systems.

Hospital president and CEO Tom Quatroche says the FBI and security companies supported the hospital's decision to not pay the ransom. He says paying would have made ECMC a target.

Consultants at GreyCastle Security say ECMC's ransomware issue was not part of the WannaCry ransomware attacks that hit organizations around the world.

The IT staff at ECMC noticed something was wrong early on April 9 and officials decided to shut down the entire system at the $600 million facility to prevent further damage. The hospital received help from other local hospitals and state and federal law enforcement investigators. ECMC also had to result to using paper forms to conduct business. Officials say patient information was never compromised during this time.

Backup systems are beginning to restore some information, and a more secure restoration is expected later in the month.

This incident was a wakeup call for the hospital community, said Quatroche, who also pointed out that this could happen to anyone.

Luckily the hospital had just upgraded its insurance to cover cyber issues and business interruptions last fall. The cost for dealing with the attacks won't be known for some time.