Skip to main content


Global Malware Attack Hits U.S. Healthcare Entities

By Alexandra Wilson Pecci  
   June 29, 2017

HHS warns the healthcare and public health sector about the ongoing risk and ripple-effect problems that may stem from the attacks.

The pharmaceutical company Merck, health records service Nuance Communications, and the Pennsylvania-based Heritage Valley Health System were among the many entities affected by a global ransomware attack this week.

As a result, HHS has warned the healthcare and public health sector about the ongoing risk and ripple-effect problems that may stem from the attacks. The American Hospital Association has disseminated this and other information on its website.

According to The New York Times, the virus is similar to another called Petya which emerged last year. The Times reported that the attack started Tuesday with attacks on business and government systems in Ukraine, and spread not only to health entities in the United States, but also to businesses and other entities globally, including a Cadbury chocolate factory in Australia and Denmark-based business conglomerate Maersk.

In fact, Maersk’s incident was part of the HHS warning; it noted supply chains for many sectors could be disrupted because Maersk “has temporarily limited or stopped container shipping into and out of the Port Authority of New York and New Jersey as well as the Port of Los Angeles.”

As of Wednesday, Heritage Valley Health System said it had found no evidence that patient information has been accessed in the attack. It also says it is “confident that it has identified the cause and is systematically restoring registration, clinical patient and ancillary care systems.”

Yet the attack has led to widespread disruptions, and on Thursday, the lab and diagnostic services at Heritage Valley medical neighborhoods and community locations closed for a second day in a row. The health system has set up a web page for ongoing updates.

Nuance Communications has also set up a webpage with updates regarding the incident. Yesterday, the company said that it had no “indication that the confidential information of our customers or our customers’ customers has been removed from the network.”

However, there were many disruptions in service, including for its Nuance Transcription services, radiology critical test results, Assure, Dragon Medical Advisor, Cerner DQR, Computer Assisted Coding, Computer Assisted-CDI, CLU software development kit, and its Quality Solutions products including Quality Measures, Claims Editor, and Performance Analytics/Clinical Analytics.

“Because we are unsure of the duration of this transcription and critical test results outage, we recommend all physicians stop using any transcription platform or critical test results immediately and initiate your clinical documentation back up plan,” the company said.

Finally, Merck has Tweeted a handful of updates about the attack, saying Wednesday that it believes it has the problem contained. It also said that upon learning of the attack, it immediately shut down its IT systems. The company says it is “working to maintain a sufficient supply of medicines and vaccines.”

In May, the United Kingdom's National Health Service was crippled when a global ransomware attack—dubbed "WannaCry"—forced appointments and operations to be cancelled, hospitals to disconnect from email, IT systems to be shut off, and some facilities to turn patients away.

Alexandra Wilson Pecci is an editor for HealthLeaders.

Get the latest on healthcare leadership in your inbox.