Cyber Incident Victim: Finger Lakes Health
Date: Mar 2018
Location: United States of America
Summary
A ransomware attack disrupted Finger Lakes Health's computer systems, forcing the organization to operate manually while systems remained locked. An external party demanded payment to restore access, with the breach detected around midnight on a Sunday; officials stated there was no evidence of patient or employee data compromise. Initial media reports inaccurately linked the incident to a similarly named entity, but the breach exclusively affected this healthcare provider.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Finger Lakes Health experienced a ransomware attack discovered around midnight on March 18, 2018, when unauthorized actors encrypted the organization's computer systems. The attackers demanded payment in exchange for restoring access to the locked files, though the specific ransomware variant and the amount demanded were not disclosed publicly. Health system personnel immediately initiated manual operational procedures while clinical and administrative systems remained inaccessible. Officials publicly confirmed the incident on March 20, emphasizing that forensic investigations had not yet uncovered evidence of unauthorized access to patient records or employee information. Initial media reports incorrectly identified Finger Lakes Health System (also known as Common Ground Health) as the victim, and both organizations subsequently issued clarifications to correct the misidentification.

The cyberattack forced Finger Lakes Health to revert to paper-based processes for patient care coordination, medical record-keeping, and administrative functions until systems could be restored. While the duration of operational disruption wasn't specified, the organization maintained clinical services throughout the incident response period. No evidence suggested exfiltration or compromise of sensitive personal data, though the investigation remained ongoing at the time of public disclosure. Third-party cybersecurity experts assisted in containment and recovery efforts, though specific remediation steps beyond system isolation weren't detailed. The incident attracted regional media attention primarily due to service disruptions rather than data exposure risks, with operational continuity measures constituting the primary organizational response during the active phase of the attack.
