Twin Cities hospital data company hit with cyber attack

MINNEAPOLIS (FOX 9) - A Twin Cities company that deals with the private data and images of thousands of patients for more than 20 area hospitals and clinics was hit with a cyber attack on Super Bowl Sunday.

But at this point, they believe they stopped it before any of that confidential information was taken.

Consulting Radiologists Ltd said in an email to FOX 9 that they "were able to act quickly to interrupt these efforts and prevent a full-scale attack. While this attack temporarily interrupted services, our team acted quickly to secure our systems."

Consulting Radiologists Ltd, referred to as CRL, is used by health systems to read images such as x-rays, CT scans and MRIs, among other diagnostic tests. What this meant for health systems depended on their size.

Allina Health said they use CRL to read of imaging at some of their sites, but noted it’s not the only company use for this work. Allina also has their own radiologists on staff and say they’ve not had to send any patients elsewhere.

Glencoe Regional Health Systems, on the other hand, did have to divert patients for trauma or stroke, as smaller facilities like theirs do not have any radiologists on staff.

They tell FOX 9 that their other non-emergency imaging was still taken, but the results had to wait due to CRL’s downtime.
Consulting Radiologists says, "As part of our ongoing investigation, we are also assessing the full scope of this attack, but at this time, it does not appear that any data or personal information was taken."

FOX 9 spoke with cuber security expert Mark Lanterman, who says hacks on healthcare companies are, in his experience, most often ransom attacks, holding patient data hostage for money.

But when he took a look online at the most common marketplaces where hackers post stolen data, he found no evidence of this attack.

That confirms to him that the attack likely didn’t get any patient info or images.