Malware Attack on the University of Maryland Medical System Successfully Thwarted

The University of Maryland Medical System discovered on December 9, 2018, that an unauthorized person installed a malware on its computer system. Thanks to the quick action of the UMMS IT team, the infected computers were isolated before serious harm was caused.

UMMS senior VP and chief information officer, Jon P. Burns, issued a statement saying that the majority of the malware-infected devices were desktop computers. The fast response of the IT staff made it possible to quarantine the infected computers very quickly. There was no file encrypted and medical services were not affected by the attack.

The malware was detected at 4:30 a.m and by 7 a.m., the IT department had taken its systems offline and has quarantined the affected devices. On the following day, most of its systems were restored and were completely functional.

The incident illustrates how crucial it is for healthcare institutions to have a tested incident response plan that can be implemented immediately in the event of a security breach such as a malware attack.

UMMS operates more than 150 medical facilities and has more than 27,000 computers. If UMMS did not have a breach response plan, the malware attack could have seriously affected medical services and had a negative impact on patients.

At this time, UMMS believes that no medical records or patient information were compromised. The investigation into the malware attack is still ongoing. It is not yet known how the malware was downloaded onto its computers. UMMS is being assisted by computer forensics specialists and when the cause of the attack is known, additional safeguards will be implemented.

HIPAA
Compliance
Checklist

Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/