UMMC ransomware attack overview:
- Who: The University of Mississippi Medical Center (UMMC) has resumed operations at all clinics.
- Why: A nine-day ransomware attack disrupted IT systems and blocked access to health records.
- Where: The recovery affects UMMC clinics statewide and hospitals in Jackson, Grenada, Madison County and Holmes County.
The University of Mississippi Medical Center has fully reopened its clinics following a significant ransomware attack that paralyzed its digital infrastructure, including the EPIC electronic medical record system, for over a week.
Detected on Feb. 19, the intrusion forced the immediate shutdown of UMMC’s network to contain the data breach. This resulted in a nine-day service suspension where most outpatient clinics statewide were closed, and elective surgeries and imaging appointments were canceled.
While hospital care and emergency departments remained open, staff were forced to rely on manual “downtime procedures,” using pen and paper to record patient information and process medical orders .
By March 2, UMMC confirmed that access to patient records and phone lines had been restored, allowing all clinics to resume normal operations.
The Federal Bureau of Investigation, the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency continue to assist in the ongoing investigation.
Although UMMC officials confirmed they were in communication with the group behind the attack, the identity of the perpetrators and their specific demands have not been publicly disclosed.
Recovery efforts focus on patient backlog and data security
Following the nine-day ordeal, UMMC has shifted its focus to addressing the backlog of canceled appointments.
To accommodate the affected patients, clinics are currently operating with extended hours and additional days. The medical center’s MyChart patient portal also returned to service over the first weekend of March, allowing patients to regain digital access to their health history.
UMMC said it was still determining whether any patient data had been compromised. While ransomware groups often steal data to use as leverage for payment, official statements maintain that no specific data types have been confirmed as stolen at this time. However, investigators are still working to determine the full scope and depth of the intrusion.
UMMC has not confirmed whether a ransom was paid to regain system access, though the restoration of the EPIC system was a key milestone in the recovery.
“This was not just an attack on UMMC; it was also an attack on our patients, students, faculty, and staff,” said Dr. LouAnn Woodward, UMMC Vice Chancellor for Health Affairs.
Last year, a ransomware attack affected more than 113,000 patients of Highlands Oncology Group and involved unauthorized access to sensitive personal and medical data, raising serious privacy concerns.
Were you affected by the UMMC shutdown? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
