Hospitals, Health IT

Hackers target MedStar in possible ransomware attack

With 10 hospitals and more than 250 outpatient centers, MedStar would be the largest healthcare victim of ransomware in the U.S. to date.

bullseye

The FBI is investigating a possible ransomware attack against Columbia, Maryland-based MedStar Health. MedStar’s electronic health records system and e-mail remained down Monday evening, according to the Washington Post.

If the breach does turn out to be ransomware, it would be the largest such attack on a U.S. healthcare network. MedStar has 10 hospitals and more than 250 outpatient centers in the Washington and Baltimore metro areas.

A virus hit the massive network Monday morning and the health system reverted to paper record-keeping after the Cerner EHR was taken down. Around 10:30 a.m. EDT, two MedStar hospitals in Baltimore asked Maryland officials to stop sending ambulances, the Associated Press reported.

“MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization,” spokeswoman Ann Nickels said, according to the Post. She said that “all of our clinical facilities remain open and functioning.”

The Baltimore facilities, Good Samaritan Hospital and Union Memorial Hospital, reportedly lifted the diversion orders after MedStar turned on backup systems. But it’s doubtful MedStar is back to full capacity.

“Even the lowest-level staff can’t communicate with anyone. You can’t schedule patients, you can’t access records, you can’t do anything,” an anonymous MedStar employee told the Post.

This employee said she had been told by two co-workers that ransom messages popped up on their computer screens, but the woman had not seen the messages herself, the Post reported.

Nickels was unable to confirm whether it was a ransom attack, the story said.

The medical director for the state of Maryland’s Institute of Emergency Medical Services Systems told the Associated Press that he suspects ransomware. Dr. Richard Alcorta is quoted as saying that

“People view this, I think, as a form of terrorism and are attempting to extort money by attempting to infect them with this type of virus,” Dr. Richard Alcorta said.

If it is ransomware, MedStar is by far the largest healthcare target to date of this new form of hacking. Last month, Hollywood Presbyterian Medical Center in Los Angeles paid a $17,000 ransom to get its computers back online after 10 days — and laughably claimed that patient care had “not been compromised in any way.”

Methodist Hospital in Henderson, Kentucky and two Prime Healthcare hospitals in the California desert got hit this month. A Canadian hospital may have spread a ransomware virus to visitors to its website.

Photo: Flickr user Asim Bharwani

Shares0
Shares0