[ Monday, May 23, 2016 ]
Often mentioned possibility comes to fruition: Kansas Heart Hospital
Jeff [1:27 PM]
got hit by a ransomware attack last week and paid the ransom to get their data back. The hackers returned for a second bite, but this time the hospital is not paying. Presumably "baby got backups."
Actually, this is not a re-encryption, but rather a refusal to give up the full decryption in response to the payment of the ransom
I've heard of this as a possibility, but this is the first time I've heard of a healthcare provider getting hit with a second ransom demand. In every other incident I'm aware of, the hackers did provide the encryption key. Of course, in some instances, not all of the data is recoverable; the process of encryption might overflow usable memory, so that the decrypted data is corrupted or incomplete, so even if the hackers give the correct key (or all the correct keys), it's possible some data would be lost. In this case, it sounds like the hackers intended to go for a second bite.
This is the example, though, that should make you think long and hard about paying the ransom, even if it's relatively small.
Blogger: HIPAA Blog - Edit your Template