A large healthcare provider in the Washington, D.C., area said it has resorted to paper transactions after malware crippled part of its network early Monday.
MedStar Health, a not-for-profit that runs 10 hospitals, said its clinical facilities were functioning and that it did not appear data had been compromised. The malware prevented “certain users from logging into our system.”
“MedStar acted quickly to prevent the virus from spreading throughout the organization,” it said in a statement posted on Facebook. “We are working with our IT and cybersecurity partners to fully assess and address the situation.”
MedStar Health officials could not be immediately reached after business hours for comment. An FBI spokeswoman said Monday night that the agency is “aware of the incident and is looking into the nature and scope of the matter.”
The healthcare provider did not describe what type of malware infected its systems. But over the last two months, two health care organizations have said their networks were affected by ransomware.
Ransomware encrypts files and displays a message asking victims for a payment, usually in bitcoin, in order to obtain the decryption key.
Methodist Hospital of Henderson, Kentucky, declared an internal state of emergency last week after it was infected with the Locky ransomware, reported computer security writer Brian Krebs. An attorney for the facility said it wanted to avoid paying the ransom, which was around US$1,600, the report said.
Last month, Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 to attackers in order to get its systems running again. Allen Stefanek, president and CEO of Hollywood Presbyterian, said in a statement the payment was the “quickest and most efficient way” to restore its systems.