MedStar says staff making progress in restoring systems

Organization recovering from hack that may have been a ransomware incident.


The Baltimore Sun is reporting that the cyber attack on MedStar Health is a ransomware incident, based on ransom demands that the newspaper says it has obtained.

The FBI and MedStar still have not officially confirmed a ransomware event. However, the Sun has interviewed several employees and physicians who have the attack involves ransom demands. Documents obtained by the newspaper include a demand for $18,500. MedStar personnel also have confirmed ransomware to the local Fox News affiliate.

The purported ransom demand on MedStar is close to the $17,000 ransom demand that Hollywood Presbyterian Medical Center paid to get its information systems back online after struggling for 10 days to restore the systems.

Also See: Should ransomware attacks be considered breaches?

On Friday, MedStar Health said it was nearing 90 percent functionality of its systems, the fifth day after discovering the cyber attack, and it “continues to move toward full restoration of major IT systems, while maintaining its promise to meet the care needs of the communities we serve.” On Tuesday, MedStar had expressed hope that most systems would be fixed by the end of that day.

In its latest update, MedStar said its care volumes remain near normal levels, and analysis continues to show that patient and associate data has not been compromised. However, data availability remains limited.

Other hospitals recently victimized with ransomware attacks include Methodist Hospital in Henderson, Ky., which claimed to have fought off the attack and paid nothing; Ottawa Hospital in Canada, which isolated four infected computers and wiped the drives; and Chino (Calif.) Valley Medical Center and Desert Valley Hospital in Victorville, Calif., both part of Prime Healthcare, which was able to limit damage and paid no ransoms.

More for you

Loading data for hdm_tax_topic #reducing-cost...