New Jersey hospital chain pays attackers to thwart ransomware incident

The size of the payment was not disclosed.
Hackensack Meridian Health, which operates 17 clinics and hospitals, cautioned that no patients were harmed as a result of the attack. (Courtesy of Hackensack Meridian Health)

New Jersey’s largest hospital system said last week it paid an extortion fee to hackers who had disrupted medical facilities with a ransomware attack.

Hackensack Meridian Health, based in Edison, New Jersey, said Dec. 13 it was working to restore its computer systems following a Dec. 2 ransomware attack that forced administrators to cancel roughly 100 elective medical procedures. The nonprofit, which operates 17 clinics and hospitals, cautioned that no patients were harmed as a result of the attack.

It did not say how much it paid ransomware attackers to unlock medical systems.

“We believe it’s our obligation to protect our communities’ access to health care,” the nonprofit said in a statement.


Ransomware attacks typically begin with an email containing a malicious link or attached document that infects victims’ computers. Once inside, scammers seek to infiltrate more sensitive areas of the network, encrypting data or disabling services along the way. Then, they promise to unlock those systems only in exchange for a payment, usually in cryptocurrency.

Law enforcement officials and cybersecurity practitioners publicly advise victims against meeting ransomware demands, warning that payments make them a more appealing target for another attack and that there’s no guarantee hackers will unlock their system.

While the hospital network’s primary clinical care systems had started to resume normal functions by Friday, this incident is only the latest in a long spree of ransomware attacks against targets that are vulnerable because of their importance to society. The city of New Orleans, La. called a state of emergency Friday in response to a separate ransomware attack that forced municipal workers to turn off their computers. The New Orleans mayor instructed all city employees to report to work as normal on Monday.

It was the third time Louisiana officials declared a state of emergency related to ransomware in just months, while attackers also have hit towns in Florida, Texas, Nevada and elsewhere. The first high-profile ransomware attack against a hospital occurred in February 2016 against Hollywood Presbyterian Medical Center in California, when executives elected to pay $17,000 in bitcoin to regain access to their systems.

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts