Security Experts:

Connect with us

Hi, what are you looking for?


Incident Response

Greater Baltimore Medical Center Hit by Ransomware Attack

The Greater Baltimore Medical Center in Towson, Maryland was hit by a ransomware attack that impacted computer systems and medical procedures, the healthcare provider said Sunday.

The Greater Baltimore Medical Center in Towson, Maryland was hit by a ransomware attack that impacted computer systems and medical procedures, the healthcare provider said Sunday.

While few details have been provided, operator GBMC HealthCare says the incident has impacted information technology systems and forced some procedures scheduled for Monday to be cancelled.

“Although many of our systems are down, GBMC HealthCare has robust processes in place to maintain safe and effective patient care. We are collectively responding in accordance with our well-planned process and policies for this type of event,” the announcement said.

“Some procedures scheduled for Monday, December 7 may be affected. All patient’s whose procedures may be rescheduled have already been contacted,” it added.

GBMC HealthCare operates several facilities, including the Greater Baltimore Medical Center, Gilchrist, Greater Baltimore Health Alliance, and GBMC Health Partners. It is unclear if other entities in its portfolio have been impacted.

The ransomware attack is the latest of many that have impacted healthcare providers over recent months. In September, a ransomware attack forced the shutdown of more than 250 locations operated by Universal Health Services (UHS). Also in September, an attack shutdown IT systems at a hospital in Duesseldorf, Germany, resulting in the death of a woman after she had to be taken to another city for urgent treatment.

In late October, the U.S. government warned hospitals and healthcare providers of an “increased and imminent” ransomware threat. The alert warned that threat actors are targeting the healthcare sector with the TrickBot malware in attacks that often lead to ransomware infections, data theft and disruption of healthcare services.

TrickBot has been updated with functionality that allows it to scan the UEFI/BIOS firmware of targeted system for vulnerabilities, security researchers recently discovered.

RelatedGerman Hospital Hacked, Patient Taken to Another City Dies

RelatedAs Hospitals Cope With a COVID-19 Surge, Cyber Threats Loom

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.