17 Million Patient Records Stolen in PIH Health Ransomware Attack

A ransomware attack halted operations across three of PIH’s hospitals.

By Jeff Wardon, Jr., Assistant Editor


PIH Health suffered a ransomware attack that paralyzed operations across three of its hospitals, urgent care centers, doctor’s office, and a home health and hospice agency in California, Whittier Daily News reports. The attack forced staff to use manual documentation and personal devices, which has slowed down operations.  

Hackers claim to have stolen 17 million patient records, including confidential medical and personal data, and demand negotiation in exchange for a decryption key. PIH has acknowledged disruptions but has not confirmed the breach or ransom demands, according to the report. 

Ransomware attacks are becoming a common threat for healthcare facilities to face. They are a major target for ransomware attacks due to the perception of them not having robust cybersecurity protection, Eric O’Neill, former counterterrorism and counterintelligence operative for the FBI, previously told Healthcare Facilities Today. Further complicating matters is the idea that healthcare organizations are likely to pay up on a ransom. 

Related: Alleged Ransomware Administrator Extradited from South Korea

“They are perceived as generally paying because patient care suffers when systems go down,” says O’Neill. “Cyber attackers also know that the healthcare industry maintains very critical data that can cause massive reputation-related harm and severe downstream damage in identity theft. Because of this, they're perceived as being more likely to pay to get their data back or for the cybercriminal to destroy the data and not publish it on the dark web.” 

To defend against and prepare a response to ransomware, CNA recommends that healthcare facilities consider these steps:  

  • An assessment of potential cyber threats and how they may disrupt things, from small inconveniences to operational disruptions 
  • A comprehensive review of the healthcare facility’s mission-critical operations and the personnel, tools, facilities and systems needed to fulfill these operations 
  • Setting clear criteria for making major decisions 
  • Backup plans for keeping operations going in without systems such as phones, emails or electronic files 
  • Have plans for internal and external communications, including important contact in case internal address books can’t be used 
  • Have response plans specific to when partners – including critical vendors, nearby healthcare facilities or local government – are disabled by a cyberattack

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



December 20, 2024


Topic Area: Information Technology , Security


Recent Posts

Retrofitting Healthcare Facilities for EV Charging

With EV adoption growing, healthcare facilities may face some challenges when retrofitting their buildings for charging.


Healthcare Real Estate: Challenges and Industry Shifts for 2025

The hurdles include balancing expansion with financial constraints, the sustainability of office and retail conversions, and technological disruptions.


Geisinger to Build $32 Million Cancer Center in Pennsylvania

The two-story, 40,000-square-foot facility will be home to the cancer center with space for future growth of services.


Sunflower Medical Group Experiences Data Breach

To date, Sunflower has no evidence that personal information has been misused.


Strategies to Eradicate Biofilm Containing C. Auris

Understanding the speed and risks of contamination after room disinfection should inform managers’ environmental cleaning recommendations.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.