Hollywood Presbyterian Medical Center 2016: Medical Systems Outage
- Matilda Drummond

- Jun 10
- 2 min read
Updated: Jun 16
Series: 2 Minute Case Studies
Root Cause Themes: Cybersecurity
Summary
In February 2016, Hollywood Presbyterian Medical Center lost access to its entire network, including critical electronic health records (EHR) and internal communications, for 10 days following a targeted ransomware attack.
Key Impacts
Clinical Disruption: Physicians lost electronic access to patient charts, lab results, and medical reports.
Patient Care & Safety: Emergency rooms were compromised, and critical patients had to be moved to alternative facilities.
Financial Capitulation: The hospital paid a $17,000 ransom (40 Bitcoin at the time) to regain access to decryption keys, establishing a dangerous precedent. Training and processes can be key to establishing a course of action that is proactive instead of panicked and reactive.
Vulnerabilities & Root Causes
Attacker Profile: The breach was allegedly executed by two individuals operating out of Iran as part of a wider, 34-month campaign targeting over 200 institutions.
Delayed Detection: The ransomware was misdiagnosed during the early stages, delaying containment protocols on the larger global attack, and highlighting how hard it is to stop damage from spreading once it has started.
Infrastructure Vulnerabilities: Given the extent of the damage, questions were asked about the hospital's use of data backups and encryption prior to the attack.
Further Implications
Paying the ransom validated the attackers' business model and contributed to an estimated 1.7 million subsequent copycat attacks globally.
Ransomware-as-a-Service (RaaS) increases the likelihood of these events occurring, because the sophisticated and debilitating encryption tools are commercially available to low-skill threat actors.
Sources
Yokohama, S. (2018) Business management and cybersecurity for executives. Tokyo: Parade Inc. Books.
Justice.gov. (2018). Two Iranian Men Indicted for Deploying Ransomware to Extort Hospitals, Municipalities, and Public Institutions, Causing Over $30 Million in Losses. [online] Available at: https://www.justice.gov/archives/opa/pr/two-iranian-men-indicted-deploying-ransomware-extort-hospitals-municipalities-and-public
Enjoyed this breakdown? Follow for more case studies on how to identify hidden vulnerabilities and protect your organization. Let us know in the comments if there is a specific type of risk you want to know about!
Disclaimer: This is a high-level summary of a complex event with numerous compounding operational and legal variables.




Comments