Cass Regional Medical Center, a Missouri health care center, announced on their Facebook page that they have been affected by an undisclosed ransomware. This incident affected their internal communications system and their electronic health record (EHR) system.

According to Cass Regional Medical Center, they became aware of the attack at 11 am and though some systems were affected, they have said that there is no evidence of patient data being accessed. To be safe, their EHR vendor has decided to shut down the system until the attack has been resolved.

"Hospital leadership initiated the organization’s incident response protocol within 30 minutes of the first signs of attack," a post to their Facebook page stated. "Patient care managers met to develop detailed plans to ensure that patient care continued to be provided in a safe and effective manner, while information technology and senior leaders are working with law enforcement and cybersecurity experts to develop a quick resolution to the situation."

Attacks like this are a strong reminder that while ransomware incidents have decreased, they have not gone away. Consumers and the enterprise must continue to remain vigilant, create working backup implementations, secure their infrastructure, and make sure that security software is not only installed, but also updated.

While it is not clear how the medical center's computers/servers were infected, they have contacted law enforcement and are using outside help in resolving this matter., 

“Our primary focus continues to be on our patients, and meeting our mission to provide health care services to our community,” said Chris Lang, CEO of Cass Regional Medical Center. “We are deploying every resource available to us to resolve this situation quickly so we can resume normal operations.”

BleepingComputer has contacted Cass Regional Medical Center for more information and to offer help identifying the ransomware. We were told that they would post more information on their web site and Facebook page later today.

This is a developing story and will be updated as more information becomes available.

Related Articles:

The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants

SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords

The Week in Ransomware - November 2nd 2018 - RaaS, DiskCryptor, & More

New Ransomware using DiskCryptor With Custom Ransom Message

CommonRansom Ransomware Demands RDP Access to Decrypt Files