Hackensack Meridian Health hit by ransomware

Featured image

Share this article

Hackensack Meridian Health hit by ransomware

Last Friday, Hackensack Meridian Health, based in Edison, New Jersey, issued a statement regarding a ransomware attack on its systems December 2.

Hackensack Meridian Health is New Jersey’s largest hospital system, consisting of 17 hospitals, nursing homes, and outpatient centers.

The organization states that in a targeted cyberattack using ransomware, their software systems—from scheduling to billing—were encrypted and crippled for days though they are currently back online and operational.

Hackensack Meridian Health paid the ransom in exchange for access to their data though the organization has not clarified how much was paid or if the data has been completely recovered.

How prepared is the healthcare industry?

Given the daily reports of breaches from Health and Human Services (HHS), it is apparent that the healthcare industry is not as prepared as it could be to deal with cyberattacks.

According to HHS, over 650,000 records were breached in October alone and 38 million records so far in 2019.

Moreover, there appears to be a trend for health organizations to pay a ransom even though the FBI, HHS, and security professionals advise against it.

Among the reasons to not pay is that there is no guarantee hackers will return or decrypt the files rather than demand more ransom.

But healthcare organizations weigh the data at risk against recovery time, with a spokesperson for Hackensack Meridian Health stating, “We believe it’s our obligation to protect our communities’ access to health care.”

Security professionals suggest that the healthcare industry needs to see cybersecurity “in the same way that we try to combat the spread of germs with constant reminders and [the] availability of anti-bacterial hand wash.”

While breaches are inevitable, like the common cold, they can be combatted with a strong security system in place as well as up-to-date awareness training.

Purchasing cyber insurance and paying the ransom, as Hackensack Meridian Health did, may help in the short run but is not a long term solution.

HIPAA compliance can prevent ransomware and ensure a quick recovery for affected healthcare organizations.

Encrypting and securing employee emails with Paubox Email Suite Plus is the first step to take to ensure your organization is HIPAA compliant and to secure your organization and the healthcare industry from cyberattacks in the future.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Rick Kuwahara

Rick Kuwahara is COO and Chief Compliancy Officer for Paubox.

Read more by Rick Kuwahara

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022