Business Continuity Management / Disaster Recovery,
Fraud Management & Cybercrime,
Governance & Risk Management
Hospitals Remain Operational as University of Mississippi Medical Center Cancels Elective Procedures Following Cyberattack; FBI Involved
The University of Mississippi Medical Center (UMMC) has activated its emergency operations plan due to a ransomware attack that has resulted in the cancellation of all elective procedures and clinic appointments across its statewide facilities. As investigations by the FBI commence, the medical center is focusing on mitigating the impact of the breach on healthcare services.
Related Insight: Addressing Cloud Risks in Healthcare with Enhanced Security Measures
The FBI’s involvement was confirmed by Robert Eikhoff, the special agent in charge for Mississippi, who stated, “It’s too early for us to communicate the specifics of this incident, but we are mobilizing both local and national resources to respond effectively.” This proactive stance underscores the seriousness of the situation.
“We do not know how long this situation may last.”
– LouAnn Woodward, Vice Chancellor for Health Affairs, University of Mississippi Medical Center
LouAnn Woodward, Vice Chancellor for Health Affairs at UMMC, indicated that the attackers have established communication, with ongoing cooperation involving authorities and cybersecurity specialists. While the full extent of the attack remains unclear, she emphasized that hospital and emergency room services continue to operate using backup protocols.
UMMC’s main campus in Jackson hosts four hospitals, providing a total of 827 patient beds. A notice on the institution’s Facebook page indicated that numerous IT systems are compromised, affecting access to electronic medical records, which are critical for patient care. Statewide clinic closures were promptly communicated, stating that outpatient procedures will need to be rescheduled.
As of Thursday afternoon, UMMC’s website was reported offline, and automated messages on the main telephone line informed callers about the ongoing cyberattack, highlighting communication challenges faced by the institution during this crisis.
This incident represents a classic example of adversary tactics within the MITRE ATT&CK framework, particularly around initial access and disruption techniques, as cybercriminals often seek to exploit vulnerabilities to execute ransomware attacks. The ongoing investigation will likely reveal further details on the specific methods employed during this breach.