National Capital Poison Center

The National Capital Poison Center, also known as Poison Help, functions as a poison control center, operating a hotline to provide medical advice and treatment recommendations for individuals exposed to poisonous substances. Its core service involves managing emergency calls and maintaining detailed records of each interaction, which include the caller's name, contact details, specifics of the exposure incident, and the clinical guidance offered. These call records constitute a comprehensive database that documents decades of cases, reflecting a long-term operational history within the United States. The organization's work places it within the public health and emergency medical services sector, where it serves as a critical resource for immediate toxicological consultation. Based on its name and the nature of its documented records, its primary market is the general public and healthcare providers seeking urgent assistance with poison-related emergencies. The center's activities are centered on its headquarters location in the United States of America, with no disclosed parent or subsidiary organizational structure in the available information.

On December 11, 2017, the National Capital Poison Center experienced a significant cybersecurity incident involving ransomware that resulted in the unauthorized encryption of its primary database server. This attack directly compromised the system housing its extensive archive of call records, which contained sensitive personal and medical information. The organization's subsequent assessment confirmed the encryption but could not definitively determine whether the data within those records was actually accessed, viewed, or exfiltrated by the attackers prior to the encryption. Furthermore, the center stated that many of the historical records only included partial subsets of personal information, though the breach still risked exposing names, contact details, exposure specifics, and treatment recommendations. The incident summary provides no details concerning any ransom demand made to the organization, whether any payment was rendered, or if data restoration was successfully performed from existing backups. The total number of individuals whose information may have been affected remains undisclosed, and no further technical or operational details about the ransomware strain or the intrusion vector are available from the provided source material.