North Carolina Health System Knocked Out By Ransomware Infection

this article first appeared on Revenue Cycle Advisor or October 27, 2017.

A WannaCry variant took down a North Carolina-based health system’s network October 17. FirstHealth of the Carolinas in Pinehurst, North Carolina, continued to experience delays and appointment cancellations for several days after the incident, the organization reported in an October 20 statement on its website.

FirstHealth posted an update on October 24 on its Facebook page stating that it is still operating under standard downtime procedures and will continue to do so until all network systems and devices are cleared. The post linked back to the statement on the organization’s website.

FirstHealth implemented security protocols immediately after the malware was detected and downtime procedures were implemented. The organization’s information system team began the testing of each network device across all the organization’s locations. No patient information was affected, according to FirstHealth’s statement.

The malware was identified as a new variant of WannaCry, a form of ransomware that hit organizations across the globe in May. Initially, reports suggested that U.S. organizations dodged that attack. However, in June the Office of the Nation Coordinator of Health IT released an email alert stating that two large, multistate U.S. health systems were still recovering from WannaCry infections.