Cyberattack Hits in Early Hours (Image Credits: Unsplash)
Jackson, Mississippi – The University of Mississippi Medical Center shuttered all 35 of its clinics across the state through Tuesday after a ransomware attack disrupted its Epic electronic health records system and broader IT network.[1][2]
Cyberattack Hits in Early Hours
Officials detected the ransomware intrusion in the early morning of Thursday, February 19. The breach quickly compromised the medical center’s network, prompting an immediate shutdown of IT systems as a precaution. UMMC staff activated downtime procedures to maintain critical care.
Hospitals and emergency departments in Jackson, Grenada, Madison County, and Holmes County stayed open. Clinical equipment continued to function normally. However, caregivers shifted to pen-and-paper documentation, a practice some longtime staff recalled from earlier eras.[3]
Widespread Closures Disrupt Routine Care
The attack led to the closure of every UMMC clinic starting that Thursday, with the exception of the kidney dialysis facility at Jackson Medical Mall. Scheduled appointments, including chemotherapy sessions and elective procedures, faced cancellation through at least February 24.
UMMC, Mississippi’s largest academic health sciences center, operates these outpatient sites throughout the state. Patients received instructions to reschedule once systems recover. Time-sensitive treatments received priority using manual processes.[4]
Impacts extended beyond clinics. Mississippi MED-COM, the hospital transfer coordination network, encountered issues but relied on redundancies to avoid delays in patient routing.
Federal Agencies Rally to Assist Recovery
UMMC leadership confirmed contact with the unnamed ransomware group behind the assault. The center notified law enforcement and coordinated with federal partners. The FBI, Department of Homeland Security, and Cybersecurity and Infrastructure Security Agency provided support.
FBI Special Agent in Charge Robert A. Eikhoff noted the early stage of the investigation. “We are in the process of surging resources, both locally and nationally, into this incident,” he stated.[1]
- Systems taken offline to contain spread
- No confirmed details on data exfiltration yet
- Recovery timeline remains uncertain
- In-person student classes proceeded as planned
Leadership Vows Swift Return to Normal
Vice Chancellor for Health Affairs LouAnn Woodward addressed the situation directly. “To use a medical phrase — we have stopped the bleeding,” she said. “The bad guys won’t keep us down.”[2]
Woodward emphasized ongoing assessments. The full scope of the intrusion awaited further analysis. Officials refrained from disclosing ransom demands or payment considerations.
Key Takeaways
- 35 clinics closed statewide; hospitals operational on paper records.
- Ransomware hit Epic EHR and IT network on February 19.
- Federal agencies aiding investigation and restoration.
This incident underscores the persistent vulnerability of healthcare to cyber threats. UMMC prioritized patient safety amid the chaos, demonstrating resilience in crisis. Recovery efforts progressed, though no firm reopening date emerged by Tuesday. What steps should hospitals take next to fortify defenses? Share your thoughts in the comments.
