The Stockwell Firm


Other Claims News
The Comp Examiner Directory
The Liability Adjuster Directory
Service Provider Directory
Post a Job
View Jobs
View Resumes
Contact Us

Place Your Banner Here With A Click


Place Your Banner Here With A Click


SLT Law - Stacey Tokunaga


Welcome Guest! | Login | Register with adjustercom

News Main Page

Email a Friend Email A Friend

More News

May 27, 2020
California Division of Workers’ Compensation Posts ACOEM’s Coronavirus COVID-19 Guideline on MTUS

May 21, 2020
Furloughs and Lay-Offs Strike Claims Professionals as Claims Volumes Decrease

May 19, 2020
California Division of Workers’ Compensation Emergency Rulemaking Regulations for Medical-Legal Reporting in Response to COVID-19 are in Effect

May 12, 2020
California Division of Workers’ Compensation Posts Additional Adjustments to Official Medical Fee Schedule Including Expansion of Telehealth to Address COVID-19 Emergency (Physician and Non-Physician Practitioner Services)

CorVel A Victim Of Ransomware Attack
By Lonce Lamonte - July 27, 2019

This week’s virus attack against CorVel Corporation has now been described as a ransomware attack using the Ryuk virus.  

This information came from an anonymous informant, as the company is still not talking to outsiders, including the media.   No statement has been put out addressed to any individual or entity outside of CorVel.  This writer’s inquiry to a Melissa Storan, who was given as a media contact, using her email address has produced no response. 

According to the tipster, management confirmed the attack was companywide across the nation.  As of Friday afternoon, the three CorVel offices in Texas had no access to anything.  It was believed by this informant, that it was that way in every office. 

Thus, adjustercom’s previous report that the virus attack, which had not yet been identified as ransomware, was confined to California, appears to have been incorrect.   It appears now that CorVel’s computer systems were shut down nationwide to its approximately 80 offices across the continental U.S. 

According to the tipster source, CorVel management said the Ryuk virus was caught before it was active.  It was found during system upgrades.   But this management story has not made sense, because in that case of the virus being caught before going active, the IT technicians should have just been able to remove it.   However, the CorVel professionals seem to be completely replacing servers, so that indicates they were locked out.  

Perhaps the Ryuk virus locked them out when they tried to remove it, but it sounds more like it activated and then the system got completely compromised.  Thus, it’s not expected, according to the source, that the overall system will be back up on Monday.  That is, unless they are doing it with completely different servers. 

With completely different servers, CorVel will lose emails and other claim data when it’s back up.  Apparently, with that method, there would be a lot of work to repeat once the systems are restored. 

This confidential, secret report states that all offices nationwide were affected the same.  This contradicts the report from Thursday, July 25th, stating some systems were back up with the exception of the email and CareMC, the bill review system. 

The source did not know if a specific amount was requested as a ransom to restore the system.  Usually, a ransomware attack demands a ransom typically in bitcoin payment in return for the electronic key. 

Sometimes, ransomware lock-outs last two weeks, or a little shorter or even longer.  Possibly, by setting a time-period limit, this limits the perpetrator’s liability should the individual(s) responsible get caught.  

Most likely “system-nappers” believe they are going to receive their ransom demand within a two week period.  Companies the size of CorVel are apt to lose millions of dollars if their systems are down for two weeks.  This could put any company victim in a vulnerable position to just go ahead and pay the ransom.

CorVel is in a position to sustain enormous damages.  Empathy is an appropriate reaction.
, Lonce Lamonte, journalist; copyright adjustercom, all rights reserved 

adjustercom freelance writer Jorge Alexandria contributed to this article.


 Hot Jobs

There are no posted jobs at the moment.

Hefley Law, APC, Christopher M. Hefley

Build Your Brand

Veatch Carlson

AN Investigations

    Copyright 2020 | Privacy Policy | Feedback |  

Web site engine's code is Copyright © 2003 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.