Details:

What Happened?

The Battle Creek, MI. Brookside ENT and Hearing Services medical practice operated by Drs. William Scalf and John Bizon closed permanently in 2019 after a virus deleted patient medical and billing records. The ransomware virus copied all medical data, bills, and appointments and stored them in encrypted files. It then deleted everything, including the back-ups, overwriting the files to make them unrecoverable. In return for a payment of $6500, the hacker promised to send a password that would unlock the encrypted files.

Drs. Scalf and Bizon refused to pay the ransom because, they said, there was no guarantee that they would receive the password, that the password would work, or that the malware would not return. They were unable to recover any of the data or access the encrypted files. Without any patient records, the doctors felt that they had no choice but to close the practice.

The attack had a significant impact on patients. The doctors couldn’t let their patients know what had happened because they no longer had any patient contact information or appointment details. As a result, Dr. Scalf had to stay on for a short period, seeing patients as they turned up and advising them that the practice would be closed. They no longer had access to test results, and patients had to find new healthcare providers.

The attack on the Michigan medical practice comes against a background of increasing cyber-attacks on Michigan and Minnesota medical practices, clinics, and hospitals. Some are too small to have a full-time IT person on staff, and many don’t have a comprehensive IT security strategy.