INDIANAPOLIS — An Indiana hospital said it paid Attack.Ransom a $ 50,000 ransom Attack.Ransom to hackers who hijacked patient data . The ransomware attack Attack.Ransom accessed the computers of Hancock Health in Greenfield through an outside vendor 's account Thursday . It quickly infected the system by locking out data and changing the names of more than 1,400 files to `` I 'm sorry . '' The virus demanded Attack.Ransom four bitcoins in exchange for unlocking the data , which included patient medical records and company emails . The hospital paid Attack.Ransom the amount , about $ 50,000 at the time , early Saturday morning , said Rob Matt , senior vice president and chief strategy officer . `` It was n't an easy decision , '' Matt said . `` When you weigh the cost of delivering high-quality care ... versus not paying and bearing the consequences of a new system . '' The data started unlocking soon after the money was transferred , Matt said . `` The amount of the ransom Attack.Ransom was reasonable in respect to the cost of continuing down time and not being able to care for patients , '' Matt said . Hancock Health includes about two dozen health care facilities , including Hancock Regional Hospital in Greenfield , about 15 miles east of Indianapolis . The health system said in a news release that patient data was not compromised Attack.Databreach . Life support and other critical hospital services were not affected , and patient safety was never at risk . Ransomware is a growing digital extortion technique that affected tens of thousands of Americans in 2016 , USA TODAY reported . Criminals use various phishing methods Attack.Phishing through emails or bogus links to infect victims with malicious software . The virus infects the computer network by encrypting files or locking down the entire system . Victims log on and receive a message telling them the files have been hijacked and to get the files back they will have to pay Attack.Ransom . Hospitals are a frequent target of these attacks . In May , a ransomware virus affected more than 200,000 victims in 150 countries , including more than 20 % of hospitals in the United Kingdom . That attack was later traced to North Korea . Hancock Health said it worked with the FBI and hired an Indianapolis cybersecurity expert for advice on how to respond to the attack . The systems were back Monday after paying the ransom Attack.Ransom . “ We were in a very precarious situation at the time of the attack , '' Hancock Health CEO Steve Long said in a statement . `` With the ice and snowstorm at hand , coupled with the one of the worst flu seasons in memory , we wanted to recover our systems in the quickest way possible . '' Hospital officials could have retrieved back up files , but Long said they feared restoring the hijacked data would take too long . `` We made the deliberate decision , ” Long said , `` to pay the ransom Attack.Ransom to expedite our return to full operations . ''

IBM ’ s latest X-Force Threat Intelligence Index report reveals that more than 2.9 billion records were leaked Attack.Databreach through publicly disclosed incidents in 2017 . While that sounds horribly bad , there ’ s a bright side to this stormy disclosure : the number is 25 percent lower than the amount of records leaked Attack.Databreach in 2016 . Why ? Because hackers are shifting over to ransomware . They ’ re becoming more focused on holding files hostage for money than on unleashing all that data to the dark markets . According to IBM , this shift to ransomware cost corporations more than $ 8 billion globally during 2017 , a number derived from downtime , ransom payments Attack.Ransom , and other impacts on day-to-day business . The global logistics and transportation industries alone lost “ millions of dollars ” in revenue during 2017 due to ransomware attacks Attack.Ransom . Ransomware is a type of malware that infiltrates a network and encrypts files on connected PCs . These files become unrecoverable , and require a “ key ” generated by the hacker to be released from captivity . These keys are provided after a payment using cryptocurrency , adding to the overall cost corporations incur due to downtime . Hiring a third party to recover the files may or may not work , depending on the level of encryption . “ With the potentially irreversible encryption lock of crypto-ransomware , victims without up-to-date backups often choose to pay the ransom Attack.Ransom their attackers demand Attack.Ransom , ” the report states . “ Losing one ’ s files on personal devices may cost a few hundred dollars , but that effect extends much further for organizations where infected users could cause the company to lose massive amounts of data , and possibly to have to pay Attack.Ransom the criminals considerable sums of money to get it back. ” The report reveals that many organizations keep cryptocurrency on hand so they can resolve the problem quickly and reduce costly downtime . Law enforcement agencies discourage payments Attack.Ransom to hackers , but the rising ransomware “ epidemic ” is getting to the point where it may potentially cost corporations across the globe more than $ 11.5 billion annually by 2019 , according to research by Cybersecurity Ventures . Malware , by contrast , values leaked personal data over the potential financial gain of locking sensitive data on corporate networks .

A popular horse racing website ( Racingpulse.in ) that operates out of Bangalore , India was reportedly hacked on Tuesday . The hackers posted Attack.Ransom a statement on the home page informing that the entire data on the website has been encrypted . As is the norm , they also informed about what they expected as ransom Attack.Ransom . The ransom note suggested that they were expecting Attack.Ransom ransom amount Attack.Ransom in Bitcoins while the amount to be paid was not disclosed clearly . The message also included an email address for further communication , which was registered at india.com . The hackers offered Racingpulse.in an unimaginable favor by providing decryption key of a maximum of three files which should not be more than 10mb in size for free . This was probably done to prove that they did hack all the files on the site . The note read : “ All your files have been encrypted : All your files have been encrypted due to a security problem with your PC . If you want to restore them , write us to the e-mail mkgoro @ india.com , You have to pay Attack.Ransom for decryption in Bitcoins . After payment , we will send you the decryption tool that will decrypt all your files . “ Free decryption as a guarantee : Before paying you can send to us up to 3 files for free decryption . The message contained a link to the beginners ’ guide to Bitcoins too . “ How to obtain Bitcoins : The easiest way to buy bitcoins is LocalBitcoins site . You have to register , click ‘ Buy bitcoins ’ , and select the seller by payment method and price . The ransomware used in this attack Attack.Ransom is a new version of Dharma Ransomware Trojan . In the ransom note , hackers have provided the email address mkgoro @ india.com , which is a contact email for the victims to facilitate communication with them . According to security researchers , this new version of Dharma works just like the older version using unsolicited emails . These emails contain social network logos , bank information , payment portals and an option to download and open a file . The previous two attacks were countered by using backup files , said Kumar . “ We have now decided to move to another server in the hope of better security , it may take a day for the site to be up and running , ” revealed Kumar .