Ohio medical practice hacked, pays $75K in ransom: report

A computer keyboard with the word ransomware highlighted in red
An Ohio urology practice had its computer system hit by hackers and was ordered to pay $75,000 in ransom. (Getty/BeeBright)

An Ohio medical practice was allegedly hacked earlier this week and told to pay $75,000 in ransom to unlock its computer system.

N.E.O. Urology Associates, which has an office in Boardman, Ohio, agreed to pay the ransom using bitcoin in order to access its computer system, according to a WFMJ TV report.

Police are investigating after the urology practice had its computer systems hacked and information re-encrypted, the news outlet said. A practice administrator reported to police that a fax was waiting for him when he arrived at the practice office requesting that the medical practice pay a ransom in order to access its computer records.

RELATED: Ransomware, phishing attacks top new HHS list of cyberthreats in healthcare

Free Daily Newsletter

Like this story? Subscribe to FierceHealthcare!

The healthcare sector remains in flux as policy, regulation, technology and trends shape the market. FierceHealthcare subscribers rely on our suite of newsletters as their must-read source for the latest news, analysis and data impacting their world. Sign up today to get healthcare news and updates delivered to your inbox and read on the go.

The medical practice then reportedly contacted its IT firm, which said it suspected the hack originated in Russia. According to a police report, the IT firm used a third party to pay the hackers to remove the malware. The urology practice told police that the hackers so disrupted their computer system that it took two days to access their records. Police said the administrator estimated a revenue loss between $30,000 and $50,000 per day.

N.E.O. Urology did not respond to a request for comment from FierceHealthcare.

Ransomware is a growing threat, and other medical practices have been targeted by hackers. In April, a Michigan medical practice decided to close its doors after hackers deleted all of its patient records when doctors refused to pay a ransom.

The two doctors, who were partners at the Brookside ENT and Hearing Center in Battle Creek, decided to retire early rather than try to rebuild the practice after they refused to pay hackers a $6,500 ransom in exchange for a code to access the practice’s medical files. The hackers deleted all the records, including files, appointment schedules, payment data and patient information.

In 2018, Indiana-based Hancock Health paid a $55,000 ransom to hackers to release more than 1,400 files and regain control of the clinical IT systems at Hancock Regional Hospital.

The decision to make the payment made the most sense from a business perspective, Hancock Health CEO Steve Long said. Although the files impacted by the breach were backed up and could have been recovered, it would have taken days or weeks to restore them.

Suggested Articles

Boston Children’s Hospital partners with Premier as a step in streamlining management of its supply chain.

CMS' new templates and resources are part of a larger effort to entice states to apply for the waivers to ignore parts of Obamacare.

Medicaid programs in several states fail to fully vet providers at high risk for fraud, according to a new report from OIG.