On 7 June 2019, Park Duvalle Community Health Center, located in Louisville, KY, was hit with a ransomware outbreak that significantly hindered patient care and hospital administration. Park Duvalle is a nonprofit facility providing care for uninsured and low-income patients. Since the attack, Park Duvalle has been recovering their systems and does not anticipate functionality until 1 August 2019 taking them offline for a total of approximately 2 months.
In April 2019, Park Duvalle Community Health Center (PDCHC) was targeted with an unspecified variant of ransomware which encrypted files on their network and requested a ransom in exchange for decrypting the files. After consideration, the staff at PDCHC restore files from backups, to avoid paying any ransom. At the time it took PDCHC 3 weeks to restore their files from their backup and make the network fully functional.
Although the ransom was not paid after the first ransomware attack, PDCHC was targeted a second time with ransomware; this attack was activated in June 2019. Upon activation, the attackers requested a payment of approximately $70,000 worth of Bitcoin.
After contacting law enforcement and a third-party security vendor, Park Duvalle Health Center decided to pay the ransom to decrypt the data instead of restoring their data from backups.
Link to full report: TR-19-214-001 Park Duvalle_FINAL.pdf