Finger Lakes Health hit by ransomware attack

by | Mar 27, 2018

Geneva, NY-based Finger Lakes Health has been hit by a ransomware attack that has impacted its computer system. Employees have been forced to work on pen and paper while the health system tries to remove the malware and restore access to electronic data.

The ransomware attack on the health organisation began at around midnight on Sunday March 18, 2018, with employees becoming aware of the attack when a ransom demand was issued by the hackers.

Finger Lakes Health manages Geneva General Hospital and Soldiers & Sailors Memorial Hospital in Pen Yan and several specialty care practices, primary care physician practices, long-term health centers, and day care clinics in upstate New York. It is not clear exactly how many health centers have been affected by the ransomware attack.

Finger Lakes Health has put in place emergency procedures for attack scenarios such as this, which were immediately adapted when the attack was identified. On March 20, the health system released a statement to local media channels about the attack outlining that while some of its information systems were inaccessible, its manual downtime protocol had been put in place and its hospitals and care facilities were still functioning. Such an attack will clearly have an impact on the provision of medical services, although patient care is still the main priority while the ransomware attack is managed.

Finger Lakes Health is working alongside law enforcement agencies and IT teams to restore access to data and bring its systems back to full functionality. Currently it appears that the hackers have only encrypted data. There is no proof to suggest that any patient or employee information has been accessed.

No details on the type of ransomware used in the ransomware attack has been issued and it is not clear exactly how much was requested by the hackers to supply the keys to unlock the encryption, although Finger Lakes Health’s vice president of community services, Lara Turbide, has stated that the ransom was paid. She said: “We made this decision in the interest of patient and resident care to minimize patient inconvenience and to move past this incident as quickly as possible”.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy