Hackensack Meridian Pays Hackers After Cyber Attack: Reports

HACKENSACK, NJ – Hackensack Meridian Health, one of New Jersey's largest hospital systems, paid hackers an undisclosed sum to regain access to its computer systems following a ransomware attack, according to reports.

In early December, the healthcare network experienced a disruption to its computer systems that affected services at its 17 hospitals and clinics across the state,Asbury Park Press reported.

The ransomware attack brought down Hackensack Meridian's computers for two days, during which facilities were forced to reschedule about 100 non-emergency procedures and revert to using paper medical records, the newspaper reported.

The healthcare network said the attack didn't cause hospitals to send patients elsewhere nor did it see a drop in emergency room visits, according to the report. The network's hospitals include Hackensack University Medical Center in Hackensack, Jersey Shore University Medical Center in Neptune and JFK Medical Center in Edison.

Ransomware is a malicious software that locks computers until the victims make payment, which can span from thousands to millions of dollars.

Cybersecurity experts, including the FBI, generally discourage organizations from paying ransoms, saying that complying with demands gives criminals an incentive to launch an attack. There have been instances in which hackers have not unlocked computer systems even after getting their ransom money, HealthcareITNews reported.

According to a report in the Asbury Park Press, the undisclosed sum paid out by Hackensack Meridian was covered by an insurance plan that helps costs related to cyber attacks.

The Edison-based non-profit's primary clinic systems are back online again and its IT teams are working to restore other applications, the report said.

Hackensack Meridian has also hired cybersecurity and forensic experts to investigate the attack, as well as alerted the Federal Bureau of Investigations. At this point, the healthcare system doesn't believe patient or employee data has been accessed by unauthorized users, the Wall Street Journal reported.

In recent months, there have been several other ransomware attacks on health systems and hospitals, which have been increasingly digitizing operations and records.

In 2019, healthcare providers have reported more than 450 breaches that affected operations, according to a U.S. Department of Health and Human Serviced database.

Comments are closed.