A Midwest Ear, Nose and Throat practice shut down permanently after hackers breached office computers and held data hostage, reports The Minneapolis Star Tribune.

Criminals targeted the Brookside ENT of Battle Creek, Michigan, in an April Ransomware attack that completely locked the hard drives of the two-physician office. The doctors were told to pay $6,500 for a password the attackers promised would unlock the data, which comprised all patient electronic health records (EHRs). 

Rather than pay, Drs. William Scalf and John Bizon chose to shutter their office permanently. The doctors told the newspaper they had no assurances the password would work or that the hackers wouldn’t return. Patients were stranded. 

While early retirement may be appealing, the doctors are not off the hook. In most cases, ransomware attacks qualify as reportable health data breaches under HIPAA.  

Ransomware attacks often begin when a victim opens a harmless-looking email, which contains code that locks an entire drive. In the case of Brookside ENT, even the backup data was locked up. That’s because automatic backup software simply passed the ransomware up to the cloud or other connected backup drive.

Cybersecurity experts applauded the doctors for refusing to pay the ransom, but say multiple backups are required to prevent catastrophic data loss. The HIPAA Security Rule is a blueprint to protect against Ransomware attacks and maintain and recover data.