Ransomware attack may delay scheduled procedures at Baltimore-area medical center

This year has seen nearly double the amount of publicly reported ransomware attacks on the health sector compared to 2019, according to one tally.
The Greater Baltimore Medical Center said many of its IT systems were down. (Getty Images)

The Greater Baltimore Medical Center on Sunday became the latest U.S. hospital to grapple with a ransomware incident amid a raging pandemic that has stretched health care IT resources thin.

The ransomware attack caused “many of our [IT] systems” to go down, the 342-bed medical center said in a statement late Sunday. That means some patient procedures scheduled for Monday “may be affected,” GBMC said. The hospital emphasized that it had “robust processes in place to maintain safe and effective patient care.”

It was unclear how many patient procedures were affected by the ransomware attack, or what type of malicious software was involved. A GBMC spokesperson did not respond to requests for comment.

GMBC said no patient data had been “misused,” and that it had enlisted outside security experts and law enforcement to help respond to the incident.


The Towson, Maryland-based medical center is following a playbook that numerous hospitals across the country have exercised after having their computer systems hampered by ransomware. There have been 93 publicly reported ransomware attacks on health care providers in 2020, compared to 50 attacks in 2019, according to Allan Liska, an analyst at threat intelligence company Recorded Future. Resource constraints and managing software updates are enduring challenges for the sector.

Cybercriminals have looked to extort hospitals overwhelmed with coronavirus patients. One criminal group known for multimillion-dollar ransom demands was behind a wave of attacks on U.S. hospital computers in October, according to security company FireEye. That threat prompted a public warning from federal officials, along with private briefings to health care executives urging them to raise their defenses.

Around that time, the University of Vermont Health Network suffered a cyberattack that forced one of the network’s hospitals to delay chemotherapy and mammogram appointments. For GMBC, the road to recovery is ongoing. “Our investigation is in its early stages. We will provide more information as we can,” the medical center’s statement said.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts