Study Finds Ransomware Cost AZ Health Care More Than $2.7 Million Since 2016

By Nicholas Gerbis
Published: Monday, February 17, 2020 - 5:05am
Updated: Monday, February 17, 2020 - 8:13am
Audio icon Download mp3 (1.32 MB)

Ransomware attacks involve hackers locking people out of their own data and demanding a payoff to regain access.

But when patient data is held for ransom for hours or months, lives are on the line.

A new report by Comparitech identified 172 ransomware attacks on U.S. health care groups since 2016.

Those attacks cost an estimated $157 million in downtime and delayed treatment for more than 6 million patients.

Comparitech editor Paul Bischoff says companies should minimize human error through training.

"The second thing is creating backups regularly and, soon as the backup's completed, they're on a separate storage network that's not connected to the rest of the hospital's network, so it can't get infected," he said.

In Arizona, three attacks affected nearly 12,000 people and totaled $2.7 million to $4.2 million in downtime.

The victims included a cosmetic surgery provider, a retirement community and a clinic.

The study based its tallies on the states in which a medical company was headquartered.

California accounted for 14.5% of the attacks, but the state is also home to 12 percent of the U.S. population and a high concentration of health care providers.

By contrast, Michigan providers suffered only 5 ransomware attacks but saw 1.1 million people affected by just two incidents: one at a medical supply company, the other at a medical billing company.

Both have clients located in more than one state.

Science