After a cyberattack disrupted electronic services at the University of Mississippi Medical Center, officials with one of the state’s largest health care providers have confirmed the attack is financially motivated.
Dr. LouAnn Woodward, UMMC’s vice chancellor for health affairs, said Tuesday that the “threat actors” behind the Feb. 19 attack are seeking financial compensation in exchange for decrypting the medical center’s electronic medical platform and other affected systems.
“They did leave demands, and again and sadly, everyone wants to know [how much]. But that’s part of what we’re not sharing with the public,” Woodward said on Mornings with Richard Cross.
The Federal Bureau of Investigation and the Department of Homeland Security, along with state and other federal law enforcement agencies and cybersecurity experts, are continuing to investigate the incident and work to restore services, Woodward said. She did not disclose whether UMMC is considering paying the ransom.
“In remarkable rapid order, FBI and Homeland Security showed up. They are working with our teams on the forensic side – what happened, how this happened, who did it, where was the vulnerability, etc. Then, we have other experts who have shown up on the recovery side,” Woodward explained.
On the morning of Feb. 19, patients and employees reported that UMMC’s record system had gone offline. Other systems, including the hospital’s website, some phone lines, and email, were also not functioning properly. Later that morning, UMMC officials confirmed a cyberattack was to blame, saying some networks had been compromised while others were shut down as a precaution.
Woodward said during a press conference the day of the attack that the perpetrators “have communicated with us,” but Tuesday marked the first time she publicly stated demands have been made by the attackers.
Dr. Alan Jones, UMMC’s associate vice chancellor for health affairs, confirmed that communication disruptions are a direct result of the attack. As of Tuesday morning, the medical center’s website remained offline.
Whether patients’ private information was compromised remains unknown.
“That’s what we’re trying to determine,” Woodward said. “Like I said, our electronic health record was one of the components that we know was impacted by the attack. What we are trying to learn is what has been encrypted, what has been exported or exfiltrated. So, that’s some of the effort that is going on now and has been going on since last Thursday that takes time to test and validate.
“Our highest concern is getting our services back up and being able to take care of our patients, but very quickly right after that is the integrity of patient data.”
In the meantime, UMMC’s 35 clinics statewide have closed and will remain closed through at least Wednesday. All elective procedures have been canceled for now. Hospital and emergency services remain open in Jackson, Grenada, Madison County, and Holmes County.
A triage line has been set up to help patients address urgent needs, including medication refills and postoperative care visits. The number is (601) 815-0000.
An official timeline for full restoration of services has not yet been provided.