Health authorities in Hong Kong have initiated an investigation into a malicious cyberattack targeting Union Hospital in Tai Wai. Despite the hospital’s refusal to pay a US$10 million ransom demanded by hackers, initial findings indicate that patient data and medical services remain uncompromised.
The Department of Health confirmed that the ransomware attack did not lead to the release of patient data or affect the hospital’s service security. Nonetheless, the hospital has been instructed to provide a comprehensive report within four weeks, detailing the incident and the measures taken in response.
Law enforcement agencies, including the police and the city’s privacy commissioner, have been notified of the cyberattack. Union Hospital activated its emergency response system promptly upon discovery of the attack and has bolstered cybersecurity measures to prevent further intrusion.
A team of cybersecurity experts has been engaged to conduct a thorough inspection of the hospital’s systems and ensure continuity of medical services. Union Hospital emphasized its commitment to patient privacy, stating that all patient records are encrypted and password-protected.
The hospital reported the incident to relevant authorities and encouraged patients with concerns to contact them via email. Hackers purportedly utilized ransomware known as “LockBit” in the attack, prompting Union Hospital to refuse the ransom demand.
While police received reports of abnormalities in the hospital’s network system, including missing computer files, no personal data was compromised. The case is under investigation, and the privacy commissioner’s office has advised the hospital to inform all affected parties while conducting a formal review.
Despite the cybersecurity threat, Union Hospital remains dedicated to providing uninterrupted medical services and ensuring the security of patient information.