By Jim Finkle
(Reuters) – MedStar Health’s computer systems remained offline on Tuesday for the second straight day after the non-profit, one of the biggest medical service providers in the U.S. capital region, shut down parts of its network to stem the spread of a virus.
MedStar spokeswoman Ann Nickels said she did not know when the systems would be restored or what type of virus had infected the network.
“Medical services continue,” she said in an interview. When asked if elective procedures would be performed, she said that would determined “case by case.”
The non-profit, which runs 10 hospitals and some 250 outpatient facilities in Washington and Maryland, said Monday on its Facebook page that its computer network was infected by a virus that prevented some users from logging into the system early that day. MedStar quickly decided to take down “all system interfaces to prevent the virus from spreading” and moved to backup systems for paper record-keeping, the post said.
Nickels said she had no further information about the attack: “We are actively investigating.”
The FBI said on Monday that it was looking into the incident at MedStar, which is one of the largest medical providers to have operations interrupted by malicious software.
The discovery came after several recent attacks on U.S. hospitals by cyber extortionists using software known as ransomware, which encrypts data and demands that users pay to get it unlocked.
Last month, Hollywood Presbyterian Hospital in Los Angeles paid $17,000 to regain access to its systems after such an attack.
Security blogger Brian Krebs last week reported that Henderson, Kentucky-based Methodist Hospital declared a state of emergency after falling victim to a ransomware attack.
(Reporting by Jim Finkle; Additional reporting by Dustin Volz; Editing by Lisa Von Ahn)