A critical medical equipment crashed during a heart procedure due to a timely scan triggered by the antivirus software installed on the PC to which the said device was sending data for logging and monitoring.
Whoops.The device in question is Merge Hemo, a complex medical equipment used to supervise heart catheterization procedures, during which doctors insert a catheter inside veins and arteries in order to diagnose various types of heart diseases.
The number of things to be filed under "Bad Idea" in this situation are legion: why the logging computer ran an OS that requires an antivirus scanner (why not run Linux?), why the scanner was configured to block (as opposed to report) identified issues, why the security team was allowed to force a "fail closed"* architecture on potentially life-or-death equipment, why the Operating Room devices are connected to the Internet (if they are isolated, why would you need antivirus?).
Probably a lot more. Stalin would have had them all shot.
* "Fail closed" is a security model where if an operation cannot be completed (say, an even cannot be logged because the log partition is full), the system shuts down. This is opposed to "Fail open", where the system continues operating normally. Very high security designs will require fail closed, but mission critical systems should always be fail open.