A
doctor’s office in Battle Creek, Michigan was forced into closure after hackers
infected its systems with ransomware, compromising everything from patient
records to billing information.

Doctors William Scalf and John Bizon reportedly told local TV station Newschannel 3 that ransomware locked up the systems at their co-owned Brookside ENT and Hearing Center. The attackers demanded $6,500 for the decryption keys.

The
duo refused to pay the relatively low ransom demand, claiming there was no
guarantee the attackers would stick to their end of the bargain, or that they
wouldn’t strike again. Instead, they decided to close the clinic.

The FBI has been called in to investigate. With the investigation still ongoing, details are scarce. For example, the ransomware type used in the attack is currently unknown. For some of the most infamous pieces of ransomware, Bitdefender has decryptors to help victims recover their files.

The
Newschannel 3 report also reveals a worrying case involving a 13-year old
patient whose mother is devastated that her daughter’s medical records are
gone. The girl is scheduled for a follow-up after an infection post-surgery.

“What am I going to do now because she just had surgery, who is going to follow up?” said the mother, Ann Ouellette. “I’m going to have to start all over again, they don’t know all of what happened during the surgery.”

It’s a mystery why the two doctors chose not to try and salvage the business by paying the ransom (considering that any medical practice, no matter how small, is most probably worth a lot more than $6,500). Granted, the rule of thumb is to not cave in to the hacker’s demands, but in some situations it’s the only way to get the data back. And when lives are at stake, it’s probably worth considering. Hopefully Brookside ENT and Hearing Center will provide an update on the incident soon.

This
just goes to show, again, how big an impact ransomware can have on healthcare
institutions and patients. Last year, cyber-criminals bombarded hospitals and clinics
with various types of attacks, causing substantial turmoil in the industry.
2019 is projected to follow a
similar path
, but according to some studies, healthcare institutions are
starting to invest more seriously in cyber-defenses.