A ransomware attack has reportedly disrupted the operations of the University of Mississippi Medical Center (UMMC), forcing widespread service cancellations across the state. While critical emergency services such as ambulances continued operating, staff were required to shift to manual procedures to maintain patient care. The incident significantly impacted routine healthcare delivery, highlighting the growing vulnerability of medical institutions to cyber threats.
According to officials, outpatient appointments, ambulatory surgeries, eye care visits, and imaging services were cancelled statewide on Thursday, with further updates pending. The disruption affected dozens of facilities, including 35 UMMC clinics located throughout Mississippi. This marks the fourth major cyber incident targeting healthcare organizations in the state over the past three years and the second to result in the closure of multiple UMMC clinics.
LouAnn Woodward, Vice Chancellor for Health Affairs, confirmed that the attack compromised systems linked to the hospital’s electronic medical records platform. Recovery efforts are currently focused on restoring the EPIC servers that manage patient data, scheduling, and clinical documentation. Although officials acknowledged the ransomware attack, they did not disclose the identity of the group responsible.
Healthcare organizations have increasingly become prime targets for ransomware operators due to the critical nature of their services and the high value of medical data. Notorious ransomware groups such as Qilin and LockBit are known to target hospitals and healthcare providers, exploiting the urgency of medical operations to pressure victims into paying ransom demands. However, at this stage, authorities have not confirmed whether the UMMC incident involved traditional file encryption or a “double extortion” tactic, in which attackers both steal and threaten to leak sensitive data without necessarily encrypting systems.
The investigation is being led by federal authorities, including the Federal Bureau of Investigation, the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency. These agencies routinely investigate cyberattacks targeting critical national infrastructure sectors such as healthcare, energy, water utilities, and banking.
Cybercriminals often aim to disrupt essential services to create widespread panic and operational paralysis. As healthcare systems continue to digitize patient records and expand interconnected networks, strengthening cybersecurity defenses has become an urgent priority. The UMMC attack serves as yet another reminder of the persistent and evolving threat ransomware poses to public health institutions.
NOTE- It might take a week and a half or more for the healthcare facilities to recoup to normalcy.
Join our LinkedIn group Information Security Community!
