15 Apr 2018

SamSam ransomware weapon attacks rising

There have been eight victims in 2018 of the SamSam malware, which has been targeting the healthcare sector. Victims report finding their files encrypted with the extension .weapologize and receiving a "Sorry" ransom note in the form of ####-SORRY-FOR-FILES.html.
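A file-share sweep for the two indicators named above, as an added example that is not part of the original post. It assumes "####" stands for a variable prefix, so any name ending in -SORRY-FOR-FILES.html counts as a note; the sample tree and its file names are constructed.

```python
import os
import re
import tempfile
from collections import defaultdict

# Indicators taken from the report above. Assumption: "####" is a variable
# prefix, so any characters before "-SORRY-FOR-FILES.html" are accepted.
ENCRYPTED_EXT = ".weapologize"
NOTE_RE = re.compile(r"^.+-SORRY-FOR-FILES\.html$", re.IGNORECASE)


def classify(filename):
    """Return 'note', 'encrypted', or None for a single file name."""
    if NOTE_RE.match(filename):
        return "note"
    if filename.lower().endswith(ENCRYPTED_EXT):
        return "encrypted"
    return None


def scan(root):
    """Walk root and return {directory: {'note': [...], 'encrypted': [...]}}."""
    hits = defaultdict(lambda: {"note": [], "encrypted": []})
    # Unreadable directories are skipped rather than aborting the sweep.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            kind = classify(name)
            if kind:
                hits[os.path.relpath(dirpath, root)][kind].append(name)
    return dict(hits)


def build_sample_tree(root):
    """Constructed sample data: one affected share and one clean share."""
    layout = {
        "records": ["chart.pdf.weapologize", "scan.DCM.WEAPOLOGIZE",
                    "0001-SORRY-FOR-FILES.html"],
        "public": ["readme.txt", "sorry.html"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, found in sorted(scan(tmp).items()):
            print(directory, len(found["encrypted"]), "encrypted,",
                  len(found["note"]), "note(s)")
```

Grouping hits by directory shows which shares were reached, which helps scope what has to be restored from backup.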

One of the victims is apparently Allscripts, which in January announced that several of its applications had been attacked, including its Electronic Prescriptions for Controlled Substances services. Another victim has apparently been the city of Atlanta, which suffered several days of bill payment and court access service disruptions. Another victim appears to be Hancock Health, which has a regional hospital and more than 20 facilities. Hancock apparently paid four bitcoins ($55k at the time) to retrieve its encrypted (unusable) data.

Some malware attacks are weapons that simply destroy data while masquerading as ransomware. NotPetya was just such a weapon, which emulated the Petya ransomware variant.

Some of the best methods to remediate the risks from ransomware have been to isolate sensitive data by permitting access to it only via a virtual private network (VPN) in tandem with multi-factor authentication (MFA). Another method (and good practice) is to ensure the ability to recover quickly from an attack, which typically means having a good incident response procedure established with key persons and having fresh and available backups.

