WASHINGTON — The Associated Press has learned that hackers who recently disrupted a large hospital chain broke into a computer server left vulnerable on its corporate network. That was despite urgent public warnings since at least 2007 that the vulnerability needed to be fixed with a simple update.
A person familiar with the investigation told AP that hackers exploited design flaws that had persisted for years on the MedStar Health Inc. network. The person wasn’t authorized to discuss the findings publicly and spoke on condition of anonymity. The FBI, which is investigating, declined to discuss the case.
Fixing the problem involved installing an available update or manually deleting two lines of software code. MedStar said it continuously applies patches to fix software vulnerabilities.
Talk to us
> Give us your news tips.
> Send us a letter to the editor.
> More Herald contact information.
