A ransomware attack locked patient data from up to 200,000 individuals, with a vendor potentially paying a ransom, raising concerns over taxpayer funds.
