Allscripts Says Service Restored to All Clients After Ransomware Attack

Allscripts has reinstated healthcare data services to all 1500 clients who were affected by technical problems stemming from the SamSam ransomware attack last week, according to a company spokesperson.

Concetta Rasiarmos, who handles public relations for Allscripts, announced the restoration of services in an email sent shortly after 1:15 p.m. today, Jan. 26, to Healthcare Analytics News™. The update came after more than a week of disrupted services, frustrating medical practices and resulting in a class-action lawsuit against the electronic health records (EHR) vendor.

Rasiarmos did not immediately respond to questions for more information on the resolution and steps going forward.

The debacle began on Jan. 18, when a strain of the SamSam ransomware virus burrowed into Allscripts data centers in North Carolina. As the attack encrypted files and hamstrung networks, an estimated 1500 clients dealt with service problems, particularly for the Allscripts Professional EHR System and its controlled substance program. According to physicians and attorneys, the interruption led to no-show appointments, longer periods of time spent with patients, electronic prescribing issues, and a loss of income.

Downed services ruffled physicians on social media and elsewhere, causing some to lash out against the company. “Very disgusted and unhappy with Allscripts,” one clinician wrote.

Allscripts does not comment on pending litigation, but the company has provided Healthcare Analytics News™ with updates on the situation. Earlier this week, for instance, a spokesperson noted that the company had notified the FBI of the hack. Allscripts has said the effects of the ransomware attack trickled down to no “hospitals or large independent physician practices.”

A telephone message left for the FBI earlier this week went unreturned.

The EHR giant does not believe it was directly targeted by the bad actor or actors. An outside cybersecurity expert, meanwhile, said vulnerabilities like a weak password or out-of-date software could have opened the door to hackers.

How much Allscripts paid, if anything, to unlock its data remains unclear. One expert ballparked the price at a few hundred thousand dollars. Ransomware hackers usually ask for payment via Bitcoin, and they have asked other healthcare institutions for tens and even hundreds of thousands of dollars in the past.