The Comp Examiner Directory
The Stockwell Firm Designed Living


Other Claims News
The Comp Examiner Directory
The Liability Adjuster Directory
Service Provider Directory
Post a Job
View Jobs
View Resumes
Contact Us

Place Your Banner Here With A Click


Place Your Banner Here With A Click - FraudFromInsideAndOutsideTheCourtroom


Welcome Guest! | Login | Register with adjustercom

News Main Page

Email a Friend Email A Friend

More News

April 28, 2021
California Division of Workers’ Compensation Posts Recorded Question and Answer Meetings from April 13th and April 20th Regarding Medical-Legal Fee Schedule Regulations

April 21, 2021
California Division of Workers’ Compensation Posts Adjustment to Official Medical Fee Schedule for Physician and Non-Physician Practitioner Services to Adopt Updated Telehealth List and Monthly Update for Physician-Administered Drugs

April 16, 2021
California Division of Workers’ Compensation Posts Supplemental Adjustment to Official Medical Fee Schedule for Pathology and Clinical Laboratory

April 14, 2021
California Division of Workers’ Compensation Moves Eureka Office Permanently Online

CorVel A Victim Of Ransomware Attack
By Lonce Lamonte - July 27, 2019

This week’s virus attack against CorVel Corporation has now been described as a ransomware attack using the Ryuk virus.  

This information came from an anonymous informant, as the company is still not talking to outsiders, including the media.   No statement has been put out addressed to any individual or entity outside of CorVel.  This writer’s inquiry to a Melissa Storan, who was given as a media contact, using her email address has produced no response. 

According to the tipster, management confirmed the attack was companywide across the nation.  As of Friday afternoon, the three CorVel offices in Texas had no access to anything.  It was believed by this informant, that it was that way in every office. 

Thus, adjustercom’s previous report that the virus attack, which had not yet been identified as ransomware, was confined to California, appears to have been incorrect.   It appears now that CorVel’s computer systems were shut down nationwide to its approximately 80 offices across the continental U.S. 

According to the tipster source, CorVel management said the Ryuk virus was caught before it was active.  It was found during system upgrades.   But this management story has not made sense, because in that case of the virus being caught before going active, the IT technicians should have just been able to remove it.   However, the CorVel professionals seem to be completely replacing servers, so that indicates they were locked out.  

Perhaps the Ryuk virus locked them out when they tried to remove it, but it sounds more like it activated and then the system got completely compromised.  Thus, it’s not expected, according to the source, that the overall system will be back up on Monday.  That is, unless they are doing it with completely different servers. 

With completely different servers, CorVel will lose emails and other claim data when it’s back up.  Apparently, with that method, there would be a lot of work to repeat once the systems are restored. 

This confidential, secret report states that all offices nationwide were affected the same.  This contradicts the report from Thursday, July 25th, stating some systems were back up with the exception of the email and CareMC, the bill review system. 

The source did not know if a specific amount was requested as a ransom to restore the system.  Usually, a ransomware attack demands a ransom typically in bitcoin payment in return for the electronic key. 

Sometimes, ransomware lock-outs last two weeks, or a little shorter or even longer.  Possibly, by setting a time-period limit, this limits the perpetrator’s liability should the individual(s) responsible get caught.  

Most likely “system-nappers” believe they are going to receive their ransom demand within a two week period.  Companies the size of CorVel are apt to lose millions of dollars if their systems are down for two weeks.  This could put any company victim in a vulnerable position to just go ahead and pay the ransom.

CorVel is in a position to sustain enormous damages.  Empathy is an appropriate reaction.
, Lonce Lamonte, journalist; copyright adjustercom, all rights reserved 

adjustercom freelance writer Jorge Alexandria contributed to this article.


 Hot Jobs

There are no posted jobs at the moment.

IEA - Insurance Education Association

Veatch Carlson

The Comp Examiner Directory

    Copyright 2021 | Privacy Policy | Feedback |  

Web site engine's code is Copyright © 2003 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.