A sophisticated ransomware attack on MedStar Health Systems has exposed the personal and medical records of approximately 15 million patients, making it one of the largest healthcare data breaches in U.S. history. The attack was discovered on April 10 and is still being contained.
The breach compromised names, Social Security numbers, medical histories, insurance information, and prescription records. The attackers, linked to the Russian-speaking ransomware group BlackCat successor ALPHV2, demanded $50 million in Bitcoin for the data's return.
MedStar operates 10 hospitals and over 300 clinics across Maryland, Virginia, and Washington D.C. Patient care has been disrupted, with some facilities reverting to paper records while systems are restored. Emergency departments remain operational but experiencing delays.
The Department of Health and Human Services has launched an investigation, and the FBI's cyber division is assisting with response and attribution. Affected patients are being offered two years of free credit monitoring and identity theft protection.
The incident has reignited calls for stronger cybersecurity mandates in healthcare. A bill requiring minimum security standards for organizations handling patient data is gaining momentum in Congress.
