The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack.
UMMC employs over 10,000 employees and ranks as one of the largest employers in Mississippi. Moreover, it operates seven hospitals, 35 clinics, and more than 200 telehealth sites statewide. The medical center runs the state’s only children’s hospital, only Level I trauma center, only organ and bone marrow transplant program, and the only Telehealth Center of Excellence, one of two across the United States.
Cyberattack Disrupts IT Systems and Epic Access
Then, on Thursday afternoon, officials revealed that the cyberattack took down many of its IT systems and blocked access to the Epic electronic medical records platform. As a result, UMMC cancelled outpatient and ambulatory surgeries/procedures and imaging appointments. However, officials said hospital services continue via downtime procedures.
Meanwhile, UMMC is now investigating the incident with assistance from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation.
“We have activated our Emergency Operations Plan and are working with authorities including the FBI and Homeland Security, who are helping us to evaluate this situation and determine next steps,” the UMMC said.
At the time of publication, the UMMC website remained down, and officials confirmed that the hospital shut down all IT systems while they assessed the attack’s impact.
“We are still evaluating the extent of systems impacted. As a precaution, we have shut down all our network systems and will conduct risk assessments before bringing anything back online. In-person class schedules remain normal,” they said.
Officials Confirm Contact With Attackers
Additionally, hospital officials revealed during a Thursday afternoon press conference that they are communicating with the ransomware operation behind the attack and coordinating with authorities on next steps, according to The Daily Mississippian.
“The attackers have communicated to us and we are working with the authorities and specialists on next steps. We do not know how long this situation may last,” said LouAnn Woodward, the dean of the school of medicine at UMMC.
“Patients in our hospital and our emergency department are being cared for. Clinical equipment and operations remain functional. We are using our downtime procedures. For our students, in-person classes will continue as scheduled.”
“All of our equipment works. All of our patients are being taken care of safely. There will be no patient impact as a result of this downtime,” Dr. Alan Jones, associate vice chancellor for health affairs at UMMC, told reporters.
So far, no ransomware group has claimed responsibility for the attack. However, attackers often negotiate privately with victims to increase pressure and push for an extortion payment.
Furthermore, because ransomware incidents frequently involve data theft, attackers may have stolen sensitive data and could use it as additional leverage to pressure the hospital into paying.
Source: BleepingComputer, Sergiu Gatlan
Read more at Impreza News
