A computer virus forced MedStar Health, which boasts 10 hospitals throughout the District of Columbia and Maryland, offline late Monday, the Associated Press and the Washington Post report. The health system is working with the FBI, according to the AP, which is investigating the possibility of a ransomware attack.
According to a statement posted to MedStar Health's Facebook page, the virus prevents certain users from logging into its systems. MedStar took down all system interfaces to prevent the virus from spreading.
"Currently, all of our clinical facilities remain open and functioning," the statement says. "We have no evidence that information has been compromised."
The statement adds that MedStar has moved to backup systems and paper transactions, where necessary.
A spokesperson with the health system declined to comment to FierceHealthIT, while a call to the FBI was not immediately returned.
According to a tweet from Mike Carter-Conneen of ABC7, a MedStar spokesperson says that all D.C. and Baltimore locations are impacted by the virus.
According to the Post, hospital staffers reported an inability to access both email and electronic patient records.
In just the last few months, multiple healthcare organizations have fallen victim to ransomware, including Hollywood Presbyterian Medical Center, Ottawa Hospital in Canada and the Los Angeles Department of Health, among others. In the case of Hollywood Presbyterian, the hospital paid roughly $17,000 (40 bitcoins) to hackers, deciding that it was "in the best interest of restoring normal operations."
As ransomware attacks on the healthcare industry grow, Rep. Ted Lieu (D-Calif.) says breach notification laws should be updated to reflect the new threat.
Lieu said he may propose a bill that would require providers to let their patients know when a ransomware attack has occurred at the facility.
To learn more:
- here's the AP article
- read the Washington Post article
- check out the MedStar Health statement on Facebook