Ryuk ransomware attacks more than 100 nursing homes in the US

IT company Virtual Care Provider Inc. (VCPI) from Wisconsin (USA), providing cloud-based data hosting, security, and access control to more than 100 nursing homes in the United States, was the victim of an Ryuk ransomware attack.

The ongoing attack prevented medical centers from accessing important medical records, endangering lives of some patients.

“Milwaukee, Wisc. based Virtual Care Provider Inc. (VCPI) provides IT consulting, Internet access, data storage and security services to some 110 nursing homes and acute-care facilities in 45 states. All told, VCPI is responsible for maintaining approximately 80,000 computers and servers that assist those facilities”, — gives a reference IS specialist of the affected company Brian Krebs.

Brian Krebs
Brian Krebs

On November 17, attackers infected with ransomware a VCPI network, numbering about 80 thousand computers and servers, and encrypted all stored data. The criminals demanded a ransom of $ 14 million in bitcoins in exchange for a digital key needed to unlock access to files.

Read also: Developers fixed critical vulnerability in popular Jetpack WordPress plugin

According to VCPI Director Karen Christianson, the attack affected almost all of the company’s core structures, including Internet services and email, access to patient records, customer accounts, telephone systems, and even VCP payment systems used by more than a hundred employees of the company.

Karen Christianson
Karen Christianson

“We’ve got some facilities where the nurses can’t get the drugs updated and the order put in so the drugs can arrive on time. In another case, we have this one small assisted living place that is just a single unit that connects to billing. And if they don’t get their billing into Medicaid by December 5, they close their doors. We have a lot of [clients] right now who are like, ‘Just give me my data,’ but we can’t”, — tells Karen Christianson.

Ryuk ransomware operators usually attack companies with annual revenues ranging from $ 500 million to $ 1 billion. Attacks using this malware were first recorded in August 2018. Then, during one of the attacks, the Ryuk malware operators managed to earn about $ 640 thousand in bitcoins.

The VCPI incident is just the latest in a series of attacks on ransomware against healthcare organizations, which typically operate with minimal profitability and have relatively little investment to support and protect their IT systems.

Tragically, there is evidence to suggest that patient outcomes can suffer even after the dust settles from a ransomware infestation at a healthcare provider. New research indicates hospitals and other care facilities that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among certain patients in the following months or years because of cybersecurity remediation efforts.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button