Dive Brief:
- Hackers broke into computer servers at two more California hospitals, demanding a ransom for the decryption key, Kaiser Health News reported.
- The hospitals, Chino Valley Medical Center in Chino and Desert Valley Hospital in Victorville, are operated by Prime Healthcare Services.
- The incident follows last month’s cyberattack at Los Angeles’ Hollywood Presbyterian Medical Center, for which a 40 bitcoin ($17,000) ransom was paid.
Dive Insight:
Prime Healthcare declined to say if a ransom had been demanded or paid.
“This is similar to challenges hospitals across the country are facing, and we have taken extraordinary steps to protect and expeditiously find a resolution to this disruption,” spokesman Fred Ortega told KHN.
The company said patient safety and records were not compromised by the cyberattack, and the two hospitals remain open. The FBI is investigating the incident.
The recent attacks have led lawmakers and the Federal Trade Commission to call for stronger laws and regulations to protect against ransomware attacks and heightened awareness when attacks occur, according to Healthcare IT News.
During a joint hearing of the House Subcommittee on Information Technology and House Subcommittee on Health Care, Benefits and Administrative Rules, Rep. Ted Lieu (D-CA) expressed concern the 2009 HITECH Act doesn’t address data that is frozen by ransomware attacks.
In a statement to the subcommittees, the FTC noted concerns about the growing body of healthcare data, due to consumer apps and patient portals, which could be targets for ransomware attacks.