Medical Providers Sue Allscripts for Ransomware Attack
"The failure to have an adequate cyber security system allowed a malicious actor to lock Allscripts’ system."
A ransomware attack affecting Allscripts’ healthcare cloud-based software disrupted patient care for days throughout the country.
Early morning on January 18, Allscripts Healthcare Solutions, an electronic health records (EHR) vendor, was infected with the SamSam ransomware. Allscripts immediately encrypted the affected files to protect patient data, but this blocked client access to key software features for days.
Health care providers were unable to access medical records, billing, and online prescription services, causing some to send employees home and turn away patients.
Our firm filed a class action lawsuit on January 26 on behalf of lead plaintiff Surfside Non-Surgical Orthopedics and similarly affected health care providers who suffered financial losses as a result of Allscripts’ negligence.
What Caused Allscripts' System to Go Down?
The lawsuit alleges that Allscripts did not properly secure its servers, which allowed a strain of the SamSam ransomware to compromise Allscripts’ data centers.
The ransomware that affected Allscripts was a variant of the SamSam malware. This malware is somewhat unique in that it doesn’t rely on email attachments to infect a system, but instead is distributed through unpatched servers. Attackers use the remote desktop function on Windows to change network privileges and distribute the malware.
The company reported that between 2 a.m. and 6 a.m. on January 18, a ransomware attack affected their Raleigh, North Carolina and Charlotte, South Carolina data centers.
Allscripts encrypted files to protect client data, but this blocked client access to electronic health records and prescription services. On January 22, Allscripts reported that the electronic prescription system was restored, but users still couldn’t access medical records.
The class action lawsuit alleges that Allscripts did not properly secure its servers, which allowed a strain of the SamSam ransomware to compromise and incapacitate Allscripts’ data centers.
Allscripts isn’t the first healthcare IT system to be hit with SamSam. Hancock Health, a hospital in Indiana, was infected with the malware on January 11. Hackers encrypted and renamed all of the hospital’s files to “I’m sorry.” The hospital paid a $55,000 ransom to recover the data.
Lawsuit Seeks Greater Cyber Security, Damages for Medical Providers
“Our suit will not only require cyber security measures to prevent this from occurring again, it also seeks damages for the loss of revenue.”
Allscripts estimates that 1,500 clients were affected by the ransomware attack. For many of these clients, the downed software wasn’t a mere inconvenience—it meant an unexpected financial loss.
On Twitter, healthcare providers complained that they were unable to perform basic activities, like access patients’ medical records and process billing. Complained one user, “Cloud is still down? We've had zero patient info available all day. Completely unacceptable.”
ClassAction.com filed a lawsuit against Allscripts on behalf of medical providers who suffered economic losses because of the attack, including those like Florida-based Surfside Non-Surgical Orthopedics who treat patients because they did not have access to the EHR system.
John Yanchunis, one of the nation’s leading data breach attorneys who has led litigation against corporations like Yahoo, Home Depot, and Target for failing to protect consumer data from the nation’s worst data breaches on record, is representing the class against Allscripts.
“The failure to have an adequate cyber security system allowed a malicious actor to lock Allscripts’ system, thereby jeopardizing the delivery of healthcare to consumers, impacting the many medical healthcare providers who were unable to practice medicine, and losing revenue,” Attorney Yanchunis said. “Our suit will not only require cyber security measures to prevent this from occurring again, it also seeks damages for the loss of revenue.”
Were You Affected by the Allscripts Ransomware Attack?
If you are a healthcare provider whose practice was interrupted by the Allscripts ransomware, you may be eligible for a lawsuit against the company. A lawsuit can help recover financial losses incurred while the EHR system was unavailable. Contact us today for a free, no-obligation legal review.
