Virus hits MedStar Health hospital network; denies data theft

The health system took down some its computers to prevent the virus from spreading, but it's not clear how many computers -- or hospitals -- are affected.
Written by Zack Whittaker, Contributor

Malware has infected the computer network of MedStar Health, forcing the healthcare provider to shut down large portions of its electronic operations.


A MedStar Health emergency room in Washington DC, showing that computers had been turned off following the March 28 cyberattack. (Image: submitted to ZDNet)

A statement by the health system said that all facilities remain open, and that there was "no evidence of compromised information."

The not-for-profit healthcare system operates ten hospitals across the Washington and Baltimore region, with more than a hundred outpatient health facilities. According to the system's website, it has more than 31,000 employees and serves hundreds of thousands of patients annually.

One visitor to the hospital told ZDNet that staff switched the computers off after learning about the virus.

The person, who was visiting a patient in one of the healthcare system's Washington DC hospital, said the computers were powered off for more than an hour, with all patient orders lost, the person said.

There's a "lot of standing around," said the person, and things have "gotten progressively worse."

It's not the first time a hospital has been hit by malware. In recent weeks there have been a spate of attacks hitting hospitals in Australia, Europe, and across the US, by hackers who lock files and systems for money.

These kinds of "ransomware" attacks usually grind systems to a halt and demand a ransom in virtual currency in exchange for a key that decrypts files, return access to the user and operations back to normal.

It's not clear exactly what kind of malware was used in Monday's cyberattack.

A spokesperson for MedStar Health did not immediately respond to a request for comment.

An FBI spokesperson confirmed that it was "aware of the incident and is looking into the nature and scope of the matter."

Editorial standards