Skip to Main Content


Holland & Hart News Update

Idaho County's Ransomware Payment Is a Good Reminder to Check Your Preparedness

By Claire Rosston, Co-Author

A recent article reporting that Bingham County paid approximately $3,500 in ransom to recover information and spent nearly $100,000 to respond to the attack highlights the need to take steps now to protect yourself against ransomware and be prepared in the unfortunate situation you too are a victim.

County Pays Ransom reported that Bingham County discovered the attack on February 15, 2017, and received a demand for $28,000 delivered in bitcoin for a password to decrypt the county servers. All but a few servers were backed up, enabling the county to recover its information without paying the ransom. After determining it would be more expensive to buy new servers to replace three infected servers, Bingham County paid the hackers 3 bitcoins, or about $3,500, for the decryption key. The county is still recovering after spending about $100,000 to respond to the attack and operations may not return to normal until 2018. For more information about the attack, visit

Ways to Protect Yourself

Visit this article for a detailed discussion of methods for protecting yourself against ransomware.

What to Do If a Victim

Visit this article for a discussion of the HHS Office of Civil Rights' guidance on responding to ransomware and complying with the costly HIPAA breach notification rules.

This publication is designed to provide general information on pertinent legal topics. The statements made are provided for educational purposes only. They do not constitute legal or financial advice nor do they necessarily reflect the views of Holland & Hart LLP or any of its attorneys other than the author. This publication is not intended to create an attorney-client relationship between you and Holland & Hart LLP. Substantive changes in the law subsequent to the date of this publication might affect the analysis or commentary. Similarly, the analysis may differ depending on the jurisdiction or circumstances. If you have specific questions as to the application of the law to your activities, you should seek the advice of your legal counsel.


Unless you are a current client of Holland & Hart LLP, please do not send any confidential information by email. If you are not a current client and send an email to an individual at Holland & Hart LLP, you acknowledge that we have no obligation to maintain the confidentiality of any information you submit to us, unless we have already agreed to represent you or we later agree to do so. Thus, we may represent a party adverse to you, even if the information you submit to us could be used against you in a matter, and even if you submitted it in a good faith effort to retain us.