MedStar Health's network shut down by malware

petya ransomware logo

It does not appear the attackers compromised data, the U.S. healthcare provider says

A large healthcare provider in the Washington, D.C., area said it has resorted to paper transactions after malware crippled part of its network early Monday.

MedStar Health, a not-for-profit that runs 10 hospitals, said its clinical facilities were functioning and that it did not appear data had been compromised. The malware prevented "certain users from logging into our system."

"MedStar acted quickly to prevent the virus from spreading throughout the organization," it said in a statement posted on Facebook. "We are working with our IT and cybersecurity partners to fully assess and address the situation."

MedStar Health officials could not be immediately reached after business hours for comment.

The organization did not describe what type of malware infected its systems. But over the last two months, two health care organizations have said their networks were affected by ransomware.

Ransomware encrypts files and displays a message asking victims for a payment, usually in bitcoin, in order to obtain the decryption key.

Methodist Hospital of Henderson, Kentucky, declared an internal state of emergency last week after it was infected with the Locky ransomware, reported computer security writer Brian Krebs. An attorney for the facility said it wanted to avoid paying the ransom, which was around $1,600, the report said.

Last month, Hollywood Presbyterian Medical Center in Los Angeles paid attackers $17,000 to get its systems running again. Allen Stefanek, president and CEO of Hollywood Presbyterian, said in a statement the payment was the "quickest and most efficient way" to restore its systems.

Call on line 2! Six ways to add a second line to your smartphone
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies