Tsurugi, Tokushima Pref. – A hospital server in Tsurugi, Tokushima Prefecture, western Japan, was hit by a ransomware attack at the end of October.
Electronic medical records of around 85,000 patients became inaccessible after Handa Hospital received a threat saying that it would have to pay ransom if it did not want the data to be released. The municipal hospital refused to pay the money.
The hospital was forced to stop admitting new patients. “Every day was hectic, as if we were on a battlefield” in the two months until Jan. 4, when it resumed regular medical examinations, said Toshiya Maruzasa, head of the hospital’s administration.
Handa Hospital created paper-based medical records for repeat patients by asking them questions on past treatments. It collected as much patient information as possible by asking nearby pharmacies to send data on drugs prescribed in the past.
Hospital staff also had to check whether equipment outside of the hospital that was connected to the server were also affected by the ransomware.
They worked through the year-end and New Year holidays even after the server containing the electronic medical records was restored on Dec. 29, to prepare for the resumption of regular medical examinations.
The hospital resumed regular medical examinations at all 13 departments on Jan. 4. “Although I was worried (about the hospital’s situation) after watching the news, I can now breathe a sigh of relief,” said a woman in her 20s, who visited the hospital that day.
How the server was hit by the ransomware attack remains unknown. But there have been no traces of the medical records being compromised, according to the hospital. Handa Hospital is planning to set up a panel of experts to discuss preventative measures.
Yasushi Suto, a doctor who oversees the hospital’s operations, said that data needs to be recorded “not only electronically but also on paper.”
Isao Itabashi, chief of research at the Council for Public Policy, a nonprofit think tank, who is well-versed in cybersecurity, stressed the importance of taking basic measures, such as opening emails after checking the sender.
“Some companies train employees not to open suspicious emails by sending such messages without any advance notice, and hospitals need to take similar measures,” Itabashi said.
In a time of both misinformation and too much information, quality journalism is more crucial than ever.
By subscribing, you can help us get the story right.