A vendor of health information technology has restored access to electronic health records (EHR) after it suffered a ransomware attack. On 24 April, EHR and revenue cycle management solutions provider Greenway Health disclosed the ransomware incident to its customers. CEO Scott Zimmerman said there was no evidence that those responsible for the attack exfiltrated or misused patients' data. He also made it clear that the company had data backups in place and that it expected the attack had affected only some users of its Intergy medical practice management solution. As Zimmerman explains in a company statement:
"Based on our current understanding of the circumstances, we have no reason to believe this attack will extend to our customers on other platforms. Though we build extensive safeguards into our products and services, no Internet-based system is completely immune from attack. We are continuously focused on evaluating additional measures that we may take to further enhance our defenses against cybercrime."
In total, the incident is believed to have affected 400 medical practices, or about five percent of the provider's customer base. Details regarding whether Greenway decided to pay the ransom or how much the attackers demanded from the company have yet to come out. But it appears the organization is making some headway in its recovery efforts, which is still ongoing as of this writing
A spokesperson for Greenway revealed as much to Information Security Media Group on 1 May:
"Greenway Health employees and third-party rapid response teams have been working around the clock to restore access to affected Intergy hosted customers. We have now restored EHR and practice management functionality to all affected practices. We deeply regret any disruption this cyberattack has caused our customers and their patients, and we are grateful for the patience and support they have shown."
Companies like Greenway need to be prepared to respond to a ransomware infection as quickly as possible. One way they can do that is by regularly backing up their data. They should also follow these strategies to prevent a ransomware attack from occurring in the first place.
