UMMC closes clinics amid ransomware attack

The University of Mississippi Medical Center, or UMMC, is experiencing a ransomware attack that began on Thursday morning. For the second consecutive day, UMMC has temporarily closed its clinics, cancelled elective procedures and activated downtime protocols at its emergency room, local news outlets first reported.  

UMMC is Mississippi's only academic medical center and operates the only hospital in the state designated as a Level 1 trauma center. UMMC also operates more than 30 clinics. 

As a precaution, UMMC took its network systems offline, including its EHR system, Epic, and its website. The organizations said it would conduct risk assessments before bringing anything back online. 

Hospitals remain open, with clinicians using pen and paper while the EHR system is down. The only clinic that remains open is the dialysis clinic at the Jackson Medical Mall.  

At a press conference held on Thursday afternoon, LouAnn Woodward, UMMC vice chancellor for health affairs, said that hospital and emergency department patients are being cared for, the Clarion Ledger reported.  

"The attackers have communicated to us, and we are working with the authorities and the specialists on next steps," Woodward said. 

UMMC is working with the FBI to respond to the cyberattack. 

 "At this point in the incident it's too early for us to communicate what we do and don't know, but we are in the process of surging resources both locally and nationally into this incident," Robert Eikoff, FBI special agent in charge of Mississippi, said at the press conference. 

In its most recent update, posted on Facebook on Thursday evening, UMMC said it was working with authorities and national experts in cyberattack response to evaluate the extent of the attack and determine next steps. 

"We expect this to be a multi-day event and will communicate helpful information, when available," the post stated. 

Jill Hughes has covered healthcare cybersecurity and privacy news since 2021.