[BreachExchange] Allscripts faces class-action lawsuit after SamSam attack

Audrey McNeil audrey at riskbasedsecurity.com
Fri Jan 26 14:14:42 EST 2018


Allscripts clients had a tough time operating this week after the EHR
vendor was hit with ransomware nearly eight days ago, and now one of those
users is seeking damages for itself and others, according to court

Surfside Non-Surgical Orthopedics in Boynton Beach, Fla., filed a
class-action lawsuit against the Chicago-based EHR company Thursday.

They claim Allscripts failed "to secure its systems and data from
cyberattacks, including ransomware attacks," the complaint reads. The
lawsuit further alleges Allscripts' EHR and electronic prescription system
outages resulted in canceled appointments, "significant business
interruption and disruption, and lost revenues."

Becker's Hospital Review reached out to Allscripts, but company spokeswoman
Concetta Rasiarmos declined to comment because the company does not discuss
pending litigation.

A variant of SamSam ransomware infiltrated Allscripts' data centers in
Raleigh and Charlotte, N.C., in the early morning hours of Jan. 18. The
company said only a limited number of applications had been affected, but
later explained nearly 1,500 clients were without the EHR for hours or even
days — one week after the attack, some were still unable to access
electronic patient data.

Ms. Rasiarmos also did not address questions seeking additional details on
the company's ransomware recovery efforts.

The suit seeks class-action status for all Allscripts customers who were
affected by downtime following the attack. The plaintiffs are pursuing
damages related to lost revenue and disruption of business. They are also
requesting injunctive relief to ensure Allscripts prevents these types of
attacks from happening again.

Becker's Hospital Review has reached out to Morgan & Morgan Complex
Litigation Group, which helped file the suit on behalf of Surfside, for
comment. This story will be updated as more information becomes available.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180126/ae5308ff/attachment.html>

More information about the BreachExchange mailing list