University of Mississippi Medical Center Ransomware Attack Shuts Down All Clinics Statewide
University of Mississippi Medical Center (UMMC) closed all 35 clinics across Mississippi after a ransomware attack hit its IT systems. The incident disrupted Epic electronic medical records access and forced cancellation of outpatient surgeries, imaging, and procedures. Hospital inpatient care and emergency services continue using manual downtime procedures.
UMMC employs over 10,000 workers and runs Mississippi’s only children’s hospital, Level I trauma center, organ transplant program, and Telehealth Center of Excellence. The attack occurred Thursday, prompting activation of the Emergency Operations Plan. Officials shut down all network systems for risk assessment. In-person classes remain unaffected.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
UMMC confirmed direct communication with ransomware operators during Thursday’s press conference. Dean LouAnn Woodward said clinical equipment functions normally with no patient safety impact. Associate Vice Chancellor Dr. Alan Jones emphasized safe care delivery via paper procedures. The FBI and CISA assist investigation.
UMMC Twitter status: “We have activated our Emergency Operations Plan and are working with authorities including the FBI and Homeland Security.”
UMMC Facility Impact Table
| Service Type | Status | Reason |
|---|---|---|
| All 35 Clinics | Closed statewide | IT systems offline |
| 7 Hospitals (inpatient) | Operational (manual) | Downtime procedures |
| Emergency Departments | Fully functional | Clinical equipment works |
| Outpatient Surgeries | Cancelled | EMR access blocked |
| Imaging Appointments | Cancelled | Epic systems down |
| Telehealth (200+ sites) | Suspended | Network shutdown |
Patient safety priority maintained.
Canceled Services List
Impact hits thousands of patients:
- Ambulatory surgeries and procedures.
- Diagnostic imaging (X-ray, MRI, CT).
- Routine clinic appointments.
- Telehealth consultations.
- Outpatient specialty visits.
Rescheduling begins post-recovery.
Responding Agencies
Federal partners engaged immediately:
- FBI cyber division leads criminal investigation.
- CISA provides ransomware expertise.
- Homeland Security coordinates response.
UMMC evaluates full system impact.
Operational Continuity Measures
Manual procedures sustain care:
- Paper charts replace Epic EMR.
- Clinical equipment independent of networks.
- Emergency departments fully staffed.
- Supply chain unaffected.
- Academic schedule normal.
No patient harm reported.
Press Conference Quotes
UMMC leaders addressed media:
- LouAnn Woodward (Dean): “Attackers have communicated. Timeline unknown.”
- Dr. Alan Jones: “All equipment works. Patients cared for safely.”
Direct operator contact confirmed ransomware.
Patient Communication Steps
UMMC notifies affected individuals:
- Cancellation calls/emails sent Thursday.
- Appointment rescheduling post-recovery.
- Emergency care access maintained.
- Billing holds during downtime.
Website remains inaccessible.
Healthcare Ransomware Patterns
UMMC attack follows trend:
- Epic systems prime targets.
- Clinic closures common outcome.
- Manual procedures standard response.
- Negotiations typical first step.
- Data theft likely occurred.
No group claimed responsibility.
Recovery Timeline Factors
Restoration depends on:
- Full network risk assessment.
- Backup validation and restoration.
- Negotiations with operators.
- FBI/CISA threat intelligence.
- EMR data integrity verification.
Days to weeks expected.
Immediate Impacts
| Stakeholder Group | Disruption Level |
|---|---|
| Clinic Patients | High (all cancelled) |
| Hospital Patients | Low (manual procedures) |
| Staff | High (systems offline) |
| Students | None (classes continue) |
| Mississippi Healthcare | Significant capacity loss |
State’s largest employer disrupted.
FAQ
Ransomware blocked Epic EMR and IT systems access.
Yes. Manual downtime procedures ensure care continuity.
FBI, CISA, Homeland Security.
Yes. Operators contacted hospital Thursday.
Unknown. Network assessments ongoing.
Hospital inpatient care and emergency departments.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
User forum
0 messages