I'd be wondering if HIPPA requires him to disclose the breach to his clients since it is medical information.
-- ~*~ StormeRider ~*~ "Every world needs its heroes [...] They inspire us to be better than we are. And they protect from the darkness that's just around the corner." (from Smallville Season 6x1: "Zod") On why I hate the phrase "that's so lame"... http://bit.ly/Ps3uSS On Thu, Nov 13, 2014 at 9:51 AM, John Quigley <quigs...@gmail.com> wrote: > Colleagues, > > A good friend of mine owns a dental practice whose data was encrypted with > ransomware. Apparently all of the primary and backup data were encrypted. > I'm getting info secondhand from him and so don't have all the details yet > (eg, which OS, which variant of ransomware, etc). > > They're asking in the range of $500-1000 in bitcoin. He wants to pay. > > My questions are: > > 1. Where/how to get bitcoin safely? > > 2. What should his expectations be after he pays? > > 3. Are there any other possible mitigations? For example, another friend > sent me the FireEye link where one might be able to obtain a known > decryption key. > > (https://www.decryptcryptolocker.com) > > I realize question #1 is off-topic for this list, but any personal > experience is welcome. Any other advice or questions I should be asking? > > John > > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > >
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
