Over 100 Nursing Homes Impacted by Ransomware Attack

Virtual Care Provider, Inc. (VPCI) is a provider of data hosting services, security and access management to healthcare organizations. Its network of 110 nursing homes was disrupted by a ransomware attack launched on November 17, 2019. With over 80,000 computers and servers from its various clients connected to VCPI’s network, the damage was widespread. All hosted data was hidden by encryption and a $14 million-dollar ransom was demanded to access and unlock the stolen files. Since VCPI could not afford the ransom, several of its clients were eventually forced to shut their doors.

When a nursing home shuts down, patients without family have nowhere to go. According to an internal spokesperson, all of VCPI’s core offerings were affected including internet service, email, access to patient records, client billing, phone systems, and VCPI’s payroll. Ransomware attacks are preventable if a company actively looks for signs of intrusion. The November 2019 attack was reported to have begun as early as September 2018, when malware was installed through a phishing email to one of VCPI’s employees. Up until the point of the ransomware deployment, preventative measures can divert this kind of attack even after malware has been installed. Once the ransomware is triggered though, it can disable antivirus, run customized scripts and deploy itself widely and infect the entire network.