Last week, a cyberattack crippled several local hospitals and outpatient medical centers when a virus disabled a number of MedStar Health’s networks and systems, including their email and patient-record databases, for at least two days. The healthcare provider, which operates 10 hospitals in the D.C. metro area, may have been victim of a “ransomware” attack, in which the company’s computers are held ransom for payment in digital Bitcoin currency. According to a report in the Washington Post, several employees reported seeing a message on their screens demanding payment of 45 Bitcoin, equivalent to about $19,000, though MedStar officials would not confirm this.
Many patients reported that their appointments were cancelled due to the network outage, though some were asked to bring a list of their current medications and allergies. Staff reverted to using paper to track what work they were able to do. Allegedly, when some blocked systems could be accessed, they were read-only, so that no information could be input or updated.
Last month, a medical center in Los Angeles resorted to paying $17,000 in Bitcoin to re-access their system. Attacks followed in Kentucky, West Virginia, California and Canada — suggesting a rising and unnerving trend.