Cyber-Security Alert: D.C. Area Hospital Chain MedStar Targeted By Hackers

MedStar, a Washington, D.C.-area hospital chain, became the latest healthcare industry victim of a cyber-attack when hackers breached its systems with a crippling virus. MedStar operates 10 hospitals in the D.C./Baltimore region, employs 30,000 staff, has 6,000 affiliated physicians, and serviced more than 4.5 million patient visits in 2015.

After being paralyzed by the virus, MedStar’s entire IT system for its 10 hospitals was forced to shut down and revert to paper records. The chain’s approximately 35,000 employees did not have access to emails and could not look up digital patient records in the attack’s wake. The FBI is assisting the chain by investigating the incident. It’s unclear at the moment whether or not the hackers are demanding ransom from MedStar in exchange for removing the virus.

The recent cyber-attack at MedStar comes weeks after Hollywood Presbyterian Medical Center in Los Angeles paid hackers 40 bitcoins, or about $17,000, to regain control of its computer system, which hackers had seized with ransomware using an infected email attachment.

Hackers increasingly target healthcare entities as security protections in healthcare often lag behind those in banking and financial sectors. Healthcare information contains a treasure trove of patients’ personal information, and a complete healthcare record is worth at least ten times more on the black market than credit card information. Also, hospitals are considered critical infrastructure that cannot reasonably be closed or incapacitated for any great length of time, and so may be more inclined to bowing to hackers’ demands for ransom.

This latest attack just goes to show the importance of cybersecurity at hospitals and other healthcare entities. In addition to the recent Hollywood Presbyterian Medical Center attack, data breaches and cyber-attacks have also recently occurred at Excellus Blue Cross Blue Shield, UCLA Health System, Premera Blue Cross, and Anthem Inc.

For more information, please contact Dana Petrillo, or another member of Cozen O’Connor’s Health Law team.

About The Author
Tagged with: , , , , , , , ,
Posted in Cyber crimes, Cyberattack, Data Breach, Data Security, HIPAA, Privacy

Leave a Reply

Your email address will not be published. Required fields are marked *

*

About Cyber Law Monitor
In the new digital world, individuals and businesses are almost entirely dependent on computer technology and electronic communications to function on a daily basis. Although the power of modern technology is a source of opportunity and inspiration—it also poses huge challenges, from protecting privacy and securing proprietary data to adhering to fast-changing statutory and regulatory requirements. The Cyber Law Monitor blog covers privacy, data security, technology, and cyber space. It tracks major legal and policy developments and provides analysis of current events.
Receive Email Updates

Email:

Cozen O’Connor Blogs