What do I do if I have been attacked or infected?
If your organization is the victim of a ransomware attack, contact law enforcement immediately.
- Contact your FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber-crime.
- Here is where you can file a cybersecurity complaint with the Internet Crime Complaint Center (IC3).
- If your breach involves the PHI of 500 or less individuals (patients usually) a notice of breach can be filed via this link to HHS. Sample form is here.
- For further analysis and healthcare-specific indicator sharing, please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at HCCIC_RM@hhs.gov.
- The U.S. Computer Emergency Readiness Team – US-CERT.gov
- HHS Office of Civil Rights Guidance on HIPAA and Ransomware
- The FDA’s Role in Medical Device Cybersecurity
- HHS ASPR – Technical Resources, Assistance Center, and Information Exchange (TRACIE) Healthcare Emergency Preparedness Information Gateway’s cybersecurity resources