DECATUR, Ind. (WANE) – Adams Health Network, which runs Adams Memorial Hospital, has confirmed that a ransomware attack targeted some of its computer servers on Jan. 11.
Ransomware is a malicious software designed to block access to a computer system until a set amount of money is paid to the initiators of the attack. Adams Health Network has not disclosed the sum of the ransom request or whether it complied.
An employee brought the problem to the attention of administrators after certain files did not look correct according to Susan Sefton, a spokesperson for Adams Memorial Hospital. Sefton said the network was slow and then went blank before files on the system read “sorry.”
The Berne Outpatient Clinic and three physicians in the network could not access patient history or appointment schedules Friday as a result of the breach. Sefton said this impacted about 60 to 80 patients. Adams Health Medical Offices were closed Friday and a Facebook post attributed the closure to weather conditions.
Doctors now have access to scheduling however it is unclear if access to patient history has been restored. Sefton said the IT department still working to fully restore the servers.
The network released this statement:
While AHN did experience a business interruption throughout the weekend as we worked to restore the affected severs, there was never an interruption in patient care. We are continuing to assess the severity of the situation, but at this time we believe no patient files have been accessed. At no time during this event has the quality and safety of patient care been affected.
There were no letters sent to patients notifying them of the breach.
Jo Ellen Eidam, CEO of Adams Memorial Hospital, denied interview requests by NewsChannel 15.
In addition to operating Adams Memorial Hospital, Adams Health Network has offices in Decatur, Monroe, Berne and Geneva.
Earlier this week the Associated Press reported that Hancock Health paid ransom worth about $55,000 to hackers to regain access to hospital computer systems. That attack came the same day as the attack on Adams Health Network.
On its website, the FBI indicates it doesn’t support paying a ransom in the instance of a ransomware attack because paying a ransom doesn’t guarantee the data will be restored. and there have been cases where organizations never got a decryption key after having paid the ransom.
The FBI believes paying a ransom not only encourages current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved. The organization targeted by the ransomware might also inadvertently be funding other illicit activity associated with criminals.