Ransom paid to cybercriminal on behalf of Inova Health, others

Five-hospital Inova Health System based in Falls Church, Virginia, was among the clients of Blackbaud, a fundraising service supplier, affected by a ransomware attack against Blackbaud in May.

Inova reported the incident to the public Sept. 9, saying the offender may have stolen the personal information of some patients and donors—names, contact info, donation histories—but did not make off with more sensitive information such as Social Security or credit-card numbers, financial records or EHR data.

“Inova deeply apologizes for any inconvenience this may cause,” the health system says in a public notice. “Blackbaud has assured Inova that they closed the vulnerability that allowed the incident, and that they are enhancing their security controls and conducting ongoing efforts against incidents like this in the future.”

Blackbaud has also issued a statement on the breach.

“Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed,” Blackbaud states. “Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused, or will be disseminated or otherwise made available publicly.”

Dave Pearson

Dave P. has worked in journalism, marketing and public relations for more than 30 years, frequently concentrating on hospitals, healthcare technology and Catholic communications. He has also specialized in fundraising communications, ghostwriting for CEOs of local, national and global charities, nonprofits and foundations.

Around the web

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”