- The University of Maryland Medical System was hit by a malware attack early Sunday morning, disrupting some IT system functions.
According to officials, an outside source attempted to infiltrate the IT systems with a malware virus around 4:30 on Sunday morning. In response, UMMS hospitals took networks and devices offline by 7 AM.
UMMS’ IT team proactively disable several IT systems to prevent the malware from spreading and taking hold, officials told HealthITSecurity.com. By leaning on its “self-initiated IT service disruption” downtime procedures, the hospitals were able to maintain operations and ensure patient safety.
All patients who sought treatment at UMMS were treated. However, under EMS protocols, some patients were transported to other facilities “during a brief window of time.”
The cyberattack impacted about 250 of the system’s 27,000 devices, primarily desktop computers, officials told the Baltimore Sun. Those devices were quarantined.
UMMS serves patients across Maryland, including medical facilities at more than 150 locations. Officials said all locations continued to provide patient care throughout the event without service interruption. Most of UMMS’ system was brought back online Monday morning.
“The measures we took to identify the initial threat, isolate it to prevent intrusion, and to counter and combat the attack before it could infiltrate and infect our network worked as designed,” Jon Burns, Senior Vice President and Chief Information Officer for UMMS, said in a statement.
“None of our systems were encrypted with a ransomware-type virus, and at this time, we have no indication that any patient data or records were compromised,” he added.
The health system is continuing to work with law enforcement and an external forensics team to determine the attack origin. According to officials, the intrusions has similar characteristics to recent cyberattacks on other healthcare providers and other industries.
“We extend our gratitude to our staff across the system who worked diligently during the IT disruption to provide continuous, high quality care to our patients,” officials said.
This is just the latest in an ongoing trend of weekend ransomware and malware attacks on the healthcare sector. East Ohio Regional Hospital and Ohio Valley Medical Center was hit by a ransomware attack the weekend of November 24, prompting emergency care patients to be diverted to other hospitals.
And Rhode Island-based Thundermist Health Center fell victim to a ransomware attack on November 29, which impacted some patient care.