The University of Mississippi Medical Center (UMMC) is currently grappling with a ransomware attack that emerged on February 19, leading to substantial disruptions across its healthcare services. Following the cyber invasion, UMMC has had to take significant precautionary measures, including shutting down its information technology systems to contain the breach and temporarily closing its 35 outpatient clinics. Elective procedures were also canceled, signaling the severity of the situation.
UMMC's leadership is aware of the urgency surrounding the issue and the public's desire for information. "They did leave demands, and again and sadly, everyone wants to know [how much]," said LouAnn Woodward, MD, UMMC's vice chancellor for health affairs, during an interview on February 24. However, she acknowledged the organization's decision not to disclose specifics regarding the ransom amount, stating, "But that’s part of what we’re not sharing with the public."
"They did leave demands, and again and sadly, everyone wants to know [how much],"
When approached for comments regarding the ongoing situation, a UMMC spokesperson reiterated the organization's position, saying, "We will have no comment on that topic at this time. All status updates will be posted to our social media accounts." This communication strategy aims to keep stakeholders informed while managing the intricate developments of the cyberattack.
On February 25, UMMC communicated via social media that they are “making significant progress in responding to the cyberattack and restoring our systems.” Yet, the hospital has confirmed that clinic appointments and elective procedures remain canceled up to February 27, indicating that recovery efforts are ongoing and comprehensive.
To assist patients during this tumultuous time, UMMC established a triage line on February 23, allowing individuals to leave messages regarding their health matters. This initiative reflects UMMC's commitment to maintaining patient care amid the crisis.
By the Numbers
By the Numbers
By the Numbers
The health system is also actively investigating the extent of the data breach. Dr. Woodward addressed concerns regarding the integrity of patient information by stating, "Our electronic health record was one of the components that we know was impacted by the attack. What we are trying to learn is what has been encrypted, what has been exported or exfiltrated. So that’s some of the effort that is going on now and has been going on since last Thursday. That takes time to test and validate."
Dr. Woodward emphasized that patient safety remains a top priority for UMMC. "Our highest concern is getting our services back up and being able to take care of our patients, but very quickly right after that is the integrity of patient data," she said, highlighting the dual challenge of restoring services and protecting sensitive information.
"Our highest concern is getting our services back up and being able to take care of our patients, but very quickly right after that is the integrity of patient data,"
As the University of Mississippi Medical Center continues to navigate the aftermath of this significant cybersecurity breach, the health system's commitment to transparency and patient care will be critical in maintaining trust and ensuring a swift return to normal operations. With technological vulnerabilities becoming a growing concern in healthcare, UMMC's experience underscores the importance of robust cybersecurity measures in safeguarding patient information in the digital age.