Allscripts Ransomware Attacks American Health Care Solution
Allscripts Ransomware attack on an American company Allscripts Healthcare Solutions caused a sudden panic moment when client base of 1500 medical practices was compromised.
The EHR on Allscripts cloud facility Raleigh and Charlotte, North Carolina detected an attack from SamSam ransomware. The cyber incident of ransomware attack accessed the patient records and stole data.
As the organization failed to secure its system and data from the cyber attack, the lawsuits filed against Allscripts!
A short time later, teams of Microsoft, CISCO and Mandiant were called to help. Though there are no signs on how the attack was carried, the response team was able to recover the systems.
While the services were restored, an access to the system was a different matter.
In this article, we will cover Allscripts data breach that victimized the company, customer and patients. Additionally, we’ll present all the updates of the news on healthcare’s ransomware attack 2018.
Impacts of Allscripts Ransomware Attack
Allscripts brought services back online, but the actions couldn't meet customer expectations. To customers, getting things online meant everything was normal, but that wasn't the case at all.
Due to Allscripts downtime, there were some issues related to EPCS services and Allscripts Practice Management (PM). About 1500 medical practices representing hundreds of doctors and thousands of patients were impacted by the attack.
Allscripts has a client base of 1,80,000 physicians, 45,000 ambulatory facilities, 17,000 post-acute organizations and 2,500 hospitals. However, it is still unclear whether the Allscripts Ransomware attack hit the client base or not!
The providers couldn’t access the patient records! Lawsuits argued that company never monitored its system properly thus failed to secure the data breach from Allscripts ransomware attack.
Customer Reviews on Allscripts Client Forum
A lot of talks is going on but no one is really saying anything! One customer said, “It has been 6 days and I am not yet restored. The communication gap between customer, patients and clients is hurting everyone financially.”
To the customer's response, the company said;
Allscripts serves many clients and each has experienced different effects due to the result of this incident.
One Allscripts customer said, “he requested a business continuity plan from the company months before the ransomware attack but nothing ever came of that request.
Dr. George Kefalas, specialized in pulmonary medicine and pulmonary critical care, said, “due to attack his staff was unable to access medical records for their 8,500 patients. Without that data, the practice was shut down.”
To recover the data stolen in Allscripts ransomware attack, officials paid a whopping amount of $55,000.
While after the attack, Allscripts said, “it prepares employees for various incidents, but it's not clear whether prevention against ransomware attacks was a part of their training sessions or not.”
Is Allscripts Recovered?
A letter to customers from CEO Paul Black said, “The company will replicate professional EHR, will use multiple Storage Area Networks and virtual environments to speed the recovery of files and data.”
The final efforts of recovery are completed and it is advisable to all patients, clients and customers to inquire about all features before accessing the portal again.
The execution of the response plan was on time but Allscripts couldn't communicate verbally with people to avoid confusion. There was no support and update team at ClientConnect forum to give a response to customers and patients.
Though the company took straight 7 days to overcome the cyber attack of Allscripts ransomware, it is still unclear whether the system is completely back to normal or not. And if not, then for how long people should rely on the replica of the original online system.