Questions Linger After the MDH Ransomware Attack

January 17, 2022
- Conversant Group

Questions linger after MDH ransomware attack

Heath Renfrow, former chief information security officer for U.S. Army Healthcare, who now works at Conversant Group, told WYPR that he finds it hard to believe no data was lost.

“I have not seen in the hundreds of different incidents that I’ve been involved with, including the restoration effort, where there was not a loss of data,” he said.

Renfrow said it will probably be three to six months before the department is fully operational.

“You never come back completely from an attack like this and get exactly the same situation you were in before the attack,” he said.

He also noted that cost ramifications could be long lasting. The department has bought 5,400 laptops and other devices as part of recovery. Renfrow said those purchases are “surprising” to him because acquiring that much equipment isn’t easy right now, given a shortage in microchips.

“It’s been an indication that they were not fully prepared for a catastrophic event like this because they’ve had to invest so much money in new equipment,” he said.

Renfrow said that he believes having to buy that much equipment means it’s likely protected health information could have been exposed. If that is the case, he said the department may have to report a possible violation of HIPAA law to the Office of Civil Rights before the investigation is over.


About Conversant Group & Fenix24

Conversant Group is changing the IT services paradigm with our relentless focus on “Secure First” managed services, IT infrastructure and consulting. Conversant has been a thought leader for over 12 years helping over 500 customers and entire industries get answers to the security questions they may not even know to ask. We are the world’s first civilian cybersecurity force, with three battle-tested battalions:
Learn more at and
Media Contact:
Lindsay Smith