Wood County Hospital Data Breach (2016)

Ohio-based Wood County Hospital averted a potentially widespread ransomware attack by detecting the issue with the help of its managed security services provider (MSSP) two weeks before it surfaced. The ransomware incident took place in September 2016, which is when an employee received a popup message that said files had been encrypted and that Wood County had 72 hours to pay. “From the logs that we were able to locate through ExtraHop, we saw the timestamp on the ransomware file,” White explained. “We looked at [Veriato 360] for that timeframe and we were able to pinpoint exactly where the ransomware came in the system.” “It was a nurse in behavioral health who had clicked on a website that she goes to on a frequent basis for her job,” she continued. “It was at the minute she clicked on a link in their website that the ransomware entered our system.”