GENEVA — Less than two years after a "ransomware" attack disabled some electronic systems for close to a week, Finger Lakes Health is again the victim of what officials are calling a recent "cyber incident."
In response to an inquiry from the Finger Lakes Times, Lara Turbide, FL Health's vice president of community services, sent a press release to the Times Thursday afternoon. She said the agency's information services team was able to respond to the latest incident quickly and the scope was limited.
The release also included the following statement from Dr. Jose Acevedo, president and chief executive officer of Finger Lakes Health:
"I am grateful for the responsiveness, expertise, and commitment of our information services team and all our employees whose efforts ensured that all patient and resident services continued," Acevedo said. "Unfortunately, being prepared for these types of acts is the new environment in which we practice medicine, conduct business, and live. Our systems and staff response allowed for our critical mission of caring for our communities to continue uninterrupted."
Turbide added that FL Health's "immediate action to reduce connectivity was effective and served an important purpose. No patient/resident services were discontinued. While our response and investigation is ongoing, there is currently no indication that any patient, resident, employee or student data was subject to unauthorized access."
The agency reported the incident to the state Department of Health, per required protocol, and the FBI.
"It remains an active investigation," Turbide said. "As always, we appreciate our communities' support."
In March 2018, specific FL Health files were encrypted by an unknown entity demanding payment for the agency to gain access to the systems. Computers and other electronic systems were shut down within an hour of the agency being notified of the attack.
FL Health worked with IT professionals, both internal and external, to resolve the issue and bring the systems back online in a step-wise approach.
During that time, the agency used "downtime" paper procedures, which are generally used for situations including weather emergencies, power outages or other situations that cause limited electronic access. FL Health also was told by security experts that no patient, resident or employee data was compromised.
With the exception of some colonoscopies being canceled shortly after that attack, all scheduled medical procedures were performed. Medical equipment was not impacted by the online shutdown.
The FBI also investigated that attack, although no arrests were ever reported. Finger Lakes Health later confirmed that a "ransom" payment was made by the agency's insurance carrier, but the agency repeatedly declined to say how much ransom was demanded or paid.