The New Jersey Spine Center was hit with a variant of CryptoWall ransomware on July 27, 2016 that encrypted its electronic health record and its backup files. A double whammy.
28,000 patient records, including names, addresses, Social Security numbers, credit card numbers, and account information were part of the files that the hackers were able to encrypt. The Spine Center paid the ransom to the hackers and received the encryption key to unlock the data on August 1.
CryptoWall is known to spread through email attachments infected with malicious code, malvertising, and websites hosting exploit kits.
Ransomware continues to be a huge problem for health care entities, and education and awareness for employees is essential to combat this continuing problem.