Ransomware Attacks at GBMC HealthCare, Allegheny Health Network, AMITA Health, Bayhealth and University of Vermont Medical Center

GBMC HealthCare located in Towson, MD reported a ransomware attack that happened on December 6, 2020 causing the taking down of its computer network. The healthcare company currently implements EHR downtime protocols while it controls the attack. GBMC HealthCare had prepared for such an incident and had procedures ready to be sure that it can proceed to deliver patient care while lessening service interruption.

GBMC Healthcare still gives patients safe and quality care. Its emergency team didn’t halt accepting patients; nonetheless, a few elective operations planned for December 7 were delayed. GMBC is working hard to restore systems online and regain the encrypted information. The attack is already reported to authorities who are investigating the incident. The Egregor ransomware gang has said it is behind the breach.

Blackbaud Ransomware Attack Also Impacted Allegheny Health Network, AMITA Health, and Bayhealth

Allegheny Health Network based in Pennsylvania, AMITA Health based in Illinois, and Bayhealth based in Delaware recently reported that the Blackbaud ransomware attack also impacted their companies. The healthcare providers used the software and cloud computing services of Blackbaud to manage their fund-raising information and donor listings.

Blackbaud told the three healthcare companies that the attack did not result in the compromise of any credit card data, bank account details, or social security numbers, however, the attackers stole some protected health information before deploying the ransomware. Blackbaud paid the attackers their ransom demand and was assured that they will destroy all stolen data and will never sell, publish, or misuse any of the stolen data.

One of the worst affected companies was the Allegheny Health Network. The attackers stole the records of 299,507 persons in the attack. AMITA Health had breached records of 261,054 individuals while Bayhealth had breached records of 78,006 individuals.

University of Vermont Medical Center Ransomware Attack Cost Can Go Over $63 Million

Ransomware attacks can turn out to be incredibly expensive. According to the report by hospital president Stephen Leffler, the University of Vermont Medical Center ransomware attack in October 2020 cost over $1.5 million each day due to lost income and higher expenditures, and that does not include the expense of systems recovery. The ransomware attack happened on October 28, 2020. The University continues to experience losses 42 days after the incident. Lost income and expenditures could possibly go over $63 million.

The hospital has already re-established a lot of systems and is working, but 30% of the 600 apps the hospital uses continue to be inactive and there are still disruptions in several areas. The majority of the radiology systems are already restored, though doing so took about six weeks. Cancer treatment functions remain not completely recovered. Sleep studies were not yet restarted. It has not yet addressed the backlog of delayed appointments. Inputting handwritten information into its medical record systems may take a couple more weeks.

About Christine Garcia 1299 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA