Local medical office recovers from ransomware attack thanks to Merit Technologies

The Client:

(Omitted for Privacy)

The Challenge/The Client:

A ransomware attack targeted a private local medical office. This resulted in over a week and a half of downtime and devastating financial impact. Within the last 5 years alone, over 4,000 ransomware attacks have happened daily in the U.S. (Justice.gov journal).

An employee unknowingly clicked a harmful link that came through a phishing email. In an instant, their practice completely lost control of their systems, patient information, and sense of security. Imagine being that employee and the fear you must feel the moment you realize your whole organization and all the information within is now at risk.

Ransomware connects through one computer to the entire network. It seeks out all other devices and infects each one it connects to. This action completely locked up their entire network system, workstations, and devices, leaving them without access.

The Impact:

Their office was down for 7-10 days. They had to close their doors, turn patients away, and completely start from scratch with their infrastructure. Besides the financial impact of creating and implementing a recovery plan (including support hours, equipment cost, etc.), the cost of having to explain to your patients that there’s been a breach and their personal health information is at risk is immeasurable.

There was also the additional cost of purchasing new computers to remain operational during the rebuilding phase.


Merit Technologies not only created a recovery plan for this practice, but also a proactive plan to ensure medical practice is fully protected against any future ransomware attack. This solution included the restructuring of their infrastructure through On-Cloud Hosting, SOC Services, and Security Awareness Training as well as implementing a compliance solution allowing them to receive a third-party validated HIPAA Seal of Compliance.

Using automation and human processing, Merit Technologies now has full time eyes on their network, monitoring traffic in and out. With Security Awareness Training, the practice is now able to see which employees are most vulnerable. They can train their employees on what to look for and how to spot malicious, deceptive attacks, reducing their overall threat, because at the end of the day, the end user is most susceptible.


Fortunately, this practice recovered from the ransomware attack without paying the ransom demanded by their attacker. They were able to lean on the team at Merit Technologies to completely rebuild their infrastructure and move towards a proactive solution. Their network is now monitored 24/7 to stop threats before they hit their computers. Their infrastructure has multiple layers of security giving them complete peace of mind that their data and PHI are properly protected allowing them to fully protect their patients.

Share this post
You may also like
Recent posts

Ask us. We are here to help!