Minnesota Facility Paid Hacker’s Ransom Demands

Minnesota Mental Health Facility Falls Victim to Ransomware Attack

Associates in Psychiatry and Psychology, located in Rochester, Minnesota discovered its files had been locked with the ransomware variant deemed Triple-M on March 31, 2018.  Beyond locking the facility’s files, the attack also disabled the computers’ system restore functions and reformatted the network storage device; which was particularly frustrating, considering this is where the practice kept its local backups.

The data stored on the affected computers included patient names, addresses, birthdates, social security numbers, as well as insurance and treatment data.  Fortunately, the Minnesota facility kept all of this information encrypted for security purposes.

After officials determined there had been a ransomware attack,  all systems were taken offline, in an attempt to prevent further spread of the malware.  Systems remained offline for four days; meanwhile, the clinic launched an investigation. The organization could not find any evidence that patient data was compromised.

According to Becker’s Hospital Review, the mental health facility decided to pay the ransom, of $3,673.78 on May 30, 2018.

Other Ransomware Attacks

For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

2,240 total views, 12 views today

(Visited 1,908 times, 1 visits today)

5 thoughts on “Minnesota Facility Paid Hacker’s Ransom Demands

  1. I have pcmatic but a hacker got to my pictures on my computer and I can’t do anything. I had a message on text that I did not recognize the number and began with “some has stolen your pictures”. I did not open the text and trashed it. Why did pcmatic stop it? Tom W

    • Thomas, this sounds like a tech support scam hit your computer. These are fake scams that tell you someone has taken your data or locked your computer so you’ll call them and pay. You can read more about them at http://www.fakevirusscam.com! You did the right thing closing the window down.

  2. If you store backups where hackers can reach them, then you can anticipate having to pay the ransom. That sort of encouragement to these criminals makes it difficult for the rest of us. Large organisations like these should have a more aggressive IT department, and directors should be made aware of the chaos a ransom attack can cause, by going through an exercise in simulated data lockup.

    • This is not a large organization. I doubt they have an IT department. They probably hire a person as needed to handle their IT needs.

      • @PS:
        They certainly have an IT Director, and given the sensitive and confidential nature of their records, keeping backups where they are vulnerable to attacks, is really IT 101.

Leave a Reply

Your email address will not be published. Required fields are marked *