Lawsuit Filed In Ransomware Attack

The ransomware attack that hit two Allscripts data centers in North Carolina on January 18 impacted about 1,500 clients of the medical practice management company and paralyzed many small physician practices. Providers were forced to treat patients without access to their medical history, and disruptions to Allscripts’ patient scheduling system led some practices to cancel surgeries and tests and set up an “open clinic” to manage incoming patients without an appointment calendar. In addition to the disruptions to patient care, many physician practices were disappointed in how the company managed provider communications after the attack. Several office managers said the security features of cloud-hosting was part of Allscripts’ sales pitch. On January 25 a class action lawsuit was filed in Illinois, alleging that Allscripts was aware of deficiencies that could compromise its systems, but its “wanton, willful, and reckless disregard” led to service disruption. “Had providers known Allscripts failed to take the necessary precautions, they would have purchased services from another vendor,” according to the complaint.