<figure>
 <img src="https://media.eaglewebservices.com/public/2021/5/1620062501408.png" alt="Midwest Transplant Network sent a letter to families notifying them that it suffered a ransomware attack in February. Carlos Moreno / KCUR 89.3" />
 <figcaption>Midwest Transplant Network sent a letter to families notifying them that it suffered a ransomware attack in February. Carlos Moreno / KCUR 89.3</figcaption>
 </figure>BY DAN MARGOLIES <a href="https://www.kcur.org/health/2021-05-03/ransomware-attack-on-midwest-transplant-network-affects-more-than-17-000">Kansas News Service</a>Families of organ, eye and tissue donors are receiving letters this 
week from the Midwest Transplant Network informing them of a data breach
 affecting more than 17,000 individuals.The breach, a malicious 
ransomware attack, occurred in February and locked Midwest Transplant 
Network out of its files for a brief period before it was able to regain
 access.According to the letter, which was sent out on Friday, 
the ransomware attackers were able to obtain some personal health 
information about deceased donors and organ recipients, including names,
 dates of birth and types of organ donation or transplantation 
procedures.“As soon as we learned about the data security 
incident on Feb. 11, we began working with a team of security experts to
 quickly halt the unauthorized access,” said Michala Stoker, a 
spokeswoman for Midwest Transplant Network. “We also notified the FBI 
and we continue to communicate and work with them regularly.”Stoker was unable to say whether Midwest Transplant Network paid a ransom in order to regain access to its files.“That’s technical information that I’m unable to answer,” she said.The
 U.S. Department of Health and Human Services defines ransomware as a 
type of malicious software that “attempts to deny access to a user’s 
data, usually by encrypting the data with a key known only to the hacker
 who deployed the malware, until a ransom is paid.”Health care 
organizations have been particularly ripe targets for ransomware 
attacks, according to Beazley, an insurer that provides cyber coverage 
for hospitals and other clients.Truman Medical Centers in Kansas City <a href="https://www.kcur.org/health/2019-08-07/truman-medical-centers-paid-ransomware-attackers-to-unlock-its-computer-system" target="_blank">got hit with a ransomware attack</a> about two years ago, locking the hospital network out of parts of its computer system.Truman said it agreed to pay the attackers “a small amount” to regain access to unlock the data.And a ransomware attack about three years ago <a href="https://www.kcur.org/health/2018-08-03/ransomware-attack-at-blue-springs-medical-practice-exposes-45-000-patient-records" target="_blank">targeted Blue Springs Family Care</a>
 in Blue Springs, Mo., affecting nearly 45,000 patients. The medical 
practice did not pay a ransom and was able to regain access to its 
system by using backups, according to a spokeswoman for the practice.Stoker
 said Midwest Transplant Network had no reason to believe the 
cyberattackers sold or otherwise distributed the data they obtained. But
 the network has, “out of an abundance of caution,” contracted with 
cybersecurity firm Kroll to address inquiries about the incident.Stoker said that following the attack, “We were able to continue to do our life-saving work.”She
 said the letter informing families of the attack only went out last 
week because “we wanted to make sure we got a correct list of those 
individuals who had been impacted.”“It wasn’t something that just
 happened overnight,” Stoker said. “We needed to continue to work with 
authorities, and we also wanted to make sure that all of our information
 was safe and secure, so that was a priority.”Midwest Transplant 
Network is based in the Kansas City suburb of Westwood, Kansas. 
Established in 1973, it provides laboratory, organ procurement and 
tissue recovery services.In 2019, it was responsible for transplanting 929 organs from a total of 282 organ donors, <a href="https://mwtn.org/wp-content/uploads/2020/04/MTN-Annual-Report-2019-9x23-75-FINAL_web.pdf" target="_blank">according to its 2019 annual report</a>, the last one available. It also oversaw eye and tissue donations from a total of 1,896 donors.Dan Margolies is senior reporter and editor at KCUR. He can be reached by email at dan@kcur.org or on Twitter @DanMargolies.&nbsp;

Ransomware attack on Midwest Transplant Network affects more than 17,000