Ransomware Attack Sends Georgia Hospital Back to Pen and Paper

A hospital in Bainbridge, in the US state of Georgia, was forced to abandon computer systems and revert to pen and paper after a crippling ransomware attack.

On Sunday, Nov. 3, Memorial Hospital and Manor posted a message on Facebook (now removed) warning that hackers had breached its systems and deployed data-crippling malware.

Antivirus protection software had triggered warnings, but staff apparently learned of the hack when it was too late to take action.

The 80-bed hospital says its Electronic Health Record (EHR) system was downed by the malware infection but assures patients and anyone else concerned that the issue is being contained. It also promises to be transparent about the breach.

“This impacts access to our Electronic Health Record system. While we believe this issue will not impact either the level or the quality of care we provide to our patients, we want to be fully transparent regarding this situation,” the hospital said. 

Back to pen and paper

Memorial has started an investigation into how hackers might have breached its systems, and it’s seeking solutions to restore the affected systems.

With computers out, it also indicates that staff may be overwhelmed with requests, as they’re forced to resort to pen and paper.

“Once we learned about the incident, we immediately initiated an internal investigation and are working toward a solution,” the notice continues. “We are currently evaluating our options for restoration and recovery at this time. Please bear with us as you may experience longer wait times when you come to either the hospital or physician offices as we are working on a paper based process.”

According to reports, the attack was claimed Tuesday by the Embargo ransomware crew – known to target healthcare units and apply the double-extortion technique if the victim refuses to pay a ransom.

The cybercrime gang claims to have exfiltrated 1.15 TB of data, which it threatens to leak if a payment is not made. If the size of the dataset is accurate, Embargo could be on the cusp of leaking a trove of sensitive information, including EHR records (lab results, radiology images, billing information), hospital data, and personally identifiable information of patients and staff alike.

Protect your data

Memorial has yet to formally acknowledge that the attack may put people's data at risk. Data dumps from breaches are typically sold on the underground web to fraudsters and scammers – and healthcare dumps are among the most lucrative in this sense.

Anyone affected by a data breach should consider a data monitoring service, like Bitdefender Digital Identity Protection, to find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is for sale to fraudsters on the dark web.

If you’re a Memorial customer, past or present, look out for any unsolicited communications citing your personal data. For peace of mind, consider using Scamio if you're suspicious of a certain phone call, email or SMS.