Miami Family Medical Centre able to access/recover ransomed patient records; didn't pay ransom (UPDATED)
Danny Garcia reports on some good news for Miami Family Medical Centre in Australia. As I previously noted, their patient records had been encrypted by an overseas hacker who was demanding ransom to give them the encryption key:
Garcia reports that Essential IT Services, a Gold Coast based reseller, was able to get them back into their data.
One of the take-home messages from this incident was that you should not leave your backups on the same server and connected to the Internet. The medical center had backups, but they, too, had been locked.
“The backup system in place was pretty good but the recovery of the data and getting them up and running has been a bit of a job”, said Jason Fillmore, who is the managing director at the reseller firm.
Fillmore said hackers have not left a single stone unturned to make the case complicated. But, it was great to know that their client has recorded their backups on DAT as well. Work is going to repair the system, said Fillmore, who affirmed that the centre system will be fully operational by next week. It means that the centre will be back after one week, which is after two weeks of attack.
Update: Some more details on the hack and why they were able to recover data.