Cyber-attacks have become very common these days and have recently attacked several global conglomerates, including Microsoft. In most cases, cyber attackers demand money as a ransom, but they rarely hear about casualties. However, a ransomware attack on a US hospital allegedly killed a girl with severe brain damage. According to a lawsuit filed by the mother and reported by The Wall Street Journal, the hospital was unable to function due to a cyberattack and subsequently lacked the care the child needed.
In a lawsuit by the baby’s mother, Teiranni Kidd, the Springhill Medical Center added that she did not notify her that the server was down due to a cyberattack. The incident occurred in July 2019, but the baby died in April 2020. Kid first sued the hospital in January 2020 and amended the case after his daughter died. In the lawsuit, “On July 9, 2019, Springhill Memorial Hospital was hit by a serious ransomware attack that blocked and encrypted the hospital’s computer systems, network systems, and data. On the same day, Springhill Memorial Hospital was in the media. He experienced a “network event” and said the problem did not affect patient care.
Kidd claims that the hospital missed an important test when she arrived to give birth to her baby. Tests have shown that the umbilical cord wraps around the baby’s neck, leading to brain damage and death after 9 months. The proceedings also state that if Kid had been informed about the cyberattack, she would have chosen to give birth to her baby elsewhere.
The case “TEIRAN NIKIDD v SPRINGHILL HOSPITALS” also highlights the first death from a cyber-attack. This isn’t the first time that ransomware-related homicide charges have been brought, but it will be the first time that a case makes it to court. The closest yet was an incident from last September, when a German patient died while in an ambulance that had been re-routed due to a hospital having been seized by ransomware. German police launched a negligent-homicide investigation and said they might hold the attackers responsible. It would have been the first time that law enforcement had considered a cyberattack to be directly responsible for a death, but it was subsequently determined that the patient died of other causes, leading a German prosecutor to drop the murder charge.
Everyone says Ransomware is deadly and cost million dollars, in this scenario it’s really deadly.