Hacker demands ransom in Bitcoin after taking over hospital servers

It is a fact that the healthcare industry has been a lucrative target for cyber criminals around the world with increasing incidents involving malware attacks on medical centers and hospitals. While cybercriminals do what they are good at, the blame also falls to institutions who do not take their online security seriously and that is what happened at Hancock Health hospital.

What happened

On the night of January 11th, Hancock Health hospital in Greenfield Indiana suffered a sophisticated cyber attack in which its entire network was compromised by a hacker who displayed a message on the computer system demanding ransom money in Bitcoin, a popular cryptocurrency used in making anonymous transactions that are almost impossible to trace.

In return, the hospital administration decided to shut down its system to stop the hacker from spreading their infection and contacted a cybersecurity agency and the Federal Bureau of Investigation (FBI).


In a conversation with Green Field Reporter, the CEO of Hancock Health hospital Steve Long has confirmed the hack although he refrained from providing any further information including what the damage was, whether the hospital paid a ransom or whether its system is back online or how much ransom the hackers asked for. However, Long believes that no personal medical information was stolen.

Hackers demand ransom in Bitcoin after taking over hospital servers
A notice on the entrance door of Hancock Health hospital / Image Credit: Green Field Reporter

At the moment it is also unclear how the hacker was able to hijack the entire system but Long confirmed that it was not a result of a worker falling for some phishing or malware-infected email, therefore, more information will be out once the authorities complete the investigation.

“This was not a 15-year-old kid sitting in his mother’s basement,” Long told Green Field Reporter.


According to Green Field Reporter, the hospital paid $55,000 (4 Bitcoin) to get the decryption keys for their data. “The hackers targeted more than 1,400 files, the names of every one temporarily changed to “I’m sorry.” They gave the hospital seven days to pay or the files would be permanently encrypted,” hospital officials said.

Not for the first time

This will not be the first time when a hospital has suffered a malware attack that locked employees out of their computers and led to ransom demand. Previously, hospitals across England, United Kindom were compromised by hackers who demanded $300 in Bitcoin. The attack later turned out to be one of the nastiest ransomware attack called WannaCry.

In another incident, Hollywood HealthCare Facility computers suffered a cyber attack. As a result, hospital staff lost access to patients’ data and their email accounts. The attackers demanded ransom in whooping 9,000 Bitcoin which was $3.6 million at that time (currently $127 million – 104 million Euro).

How to beat ransomware attack?

It might not be easy for unsuspecting users to beat ransomware attack but it is not that difficult either. You can handle the situation if you have a backup of your data and walk out as a winner. Just like Sacramento Regional Transit System in California who were held for $7,000 ransom but rather than paying ransom the authorities dismissed the threats given by hackers and restored the locked file with a backup.

The victims can also try their luck with “No More Ransomware” portal that recovers encrypted data for free. As of July 2016, the portal had helped 2,500 ransomware victims by recovering their data and saved $1million (1.3 million Euros).

Related Posts