Mississippi Medical Center Shuts Down After Ransomware Attack
▼ Summary
– The University of Mississippi Medical Center (UMMC) closed all clinics statewide due to a ransomware attack that took down IT systems and blocked access to medical records.
– UMMC is a major healthcare provider with over 10,000 employees, operating seven hospitals and numerous clinics, and includes the state’s only children’s hospital and Level I trauma center.
– While outpatient appointments and procedures were canceled, hospital and emergency services continue using established downtime procedures, and in-person classes remain unaffected.
– UMMC is investigating the incident with the FBI and CISA, has shut down all network systems, and is in communication with the ransomware attackers.
– No ransomware group has publicly claimed responsibility, but stolen data may be used as additional leverage to pressure the hospital into paying a ransom.
A major healthcare provider in Mississippi has been forced to close its clinics statewide following a disruptive ransomware attack. The University of Mississippi Medical Center (UMMC) shut down all clinic locations after cybercriminals infiltrated its network, crippling critical IT systems and blocking access to electronic medical records. This incident highlights the severe operational risks that ransomware poses to essential services, particularly in the healthcare sector where patient care is directly impacted.
UMMC is a cornerstone of Mississippi’s healthcare infrastructure, employing over 10,000 people. Its network includes seven hospitals, more than three dozen clinics, and over two hundred telehealth sites. The medical center provides vital, unique services for the state, such as the only children’s hospital, the sole Level I trauma center, and the exclusive organ and bone marrow transplant program. Its status as one of only two Telehealth Centers of Excellence in the nation further underscores its critical role.
The attack, discovered on Thursday, disrupted numerous IT systems. While hospital services continue using established downtown procedures, the facility cancelled all outpatient surgeries, imaging appointments, and ambulatory procedures. Officials have launched an investigation with support from federal agencies, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. As a precautionary measure, the medical center took its entire network offline to assess the damage and prevent further spread of the ransomware.
During a press conference, hospital leadership confirmed they are in communication with the ransomware group responsible. “The attackers have communicated to us and we are working with the authorities and specialists on next steps. We do not know how long this situation may last,” stated LouAnn Woodward, the dean of UMMC’s school of medicine. She assured the public that patients in the hospital and emergency department continue to receive care using alternative methods and that all clinical equipment remains operational.
Dr. Alan Jones, associate vice chancellor for health affairs, echoed this commitment to patient safety. “All of our equipment works. All of our patients are being taken care of safely. There will be no patient impact as a result of this downtime,” he told reporters. In-person classes for students were also reported to be proceeding normally.
While no specific ransomware group has publicly claimed responsibility, this silence is common during active negotiations. Attackers typically avoid publicity to pressure the victim into paying an extortion demand. In such cases, data theft often accompanies system encryption, providing hackers with additional leverage. Stolen patient or institutional data could be used to force the hospital’s compliance by threatening to release sensitive information publicly. The full scope of the breach and any potential data loss remains under investigation as UMMC works to restore its systems securely.
(Source: Bleeping Computer)
