UMC Health System diverted patients following a ransomware attack

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack.

On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack.

“However, out of an abundance of caution, we will continue to temporarily divert incoming emergency and non-emergency patients via ambulance to nearby health facilities until this issue is resolved. We are making accommodations wherever possible to minimize any disruption to our patients and our critical services.” reads a notice on the IT outage. “Our investigation into this incident remains ongoing and will take time to complete. In the meantime, we are standing up this dedicated webpage to provide the latest information. We will continue to provide updates via this site as services are restored and additional information becomes available.”

UMC Health System is a healthcare provider based in Lubbock, Texas. It operates University Medical Center, a major teaching hospital affiliated with Texas Tech University Health Sciences Center. UMC Health System provides a wide range of medical services, including emergency care, specialized surgeries, and comprehensive treatment programs. It serves as a regional medical center, offering both inpatient and outpatient care, and is known for its trauma center and advanced healthcare technologies.

The company announced that the healthcare facilities remain open across all access points including Emergency Centers and Urgent Care Clinics. UMC Clinics also remained open

The company launched an investigation into the security breach with the help of third-party cybersecurity experts. The hospital disconnected its systems from the Internet to contain the threat.

By Monday, the hospital restored some systems and services, but a few patients were still being diverted.

“Third parties that have helped other hospitals address similar issues have been engaged to assist in our response and investigation. Our teams are working around the clock to safely restore systems as quickly as possible.” concludes the notice.

“We appreciate your patience. It remains our mission and our goal to ensure our patients continue to receive the best care.”

The company did not provide details about the attack, such as the family of ransomware that hit the hospital. It’s unclear if threat actors had exfiltrated patients’ data during the attack

Healthcare infrastructure in the US continues to be under attack, in July, the Lockbit ransomware gang breached the Fairfield Memorial Hospital in Illinois. Unfortunately, the ransomware group claimed the hack of other hospitals in the same period. The extortion group also claimed the hack of the Merryman House Domestic Crisis Center, and the Florida Department of Health.

In February the Lurie Children’s Hospital in Chicago took IT systems offline after a cyberattack. The security incident severely impacted normal operations also causing the delay of medical care.

Lurie Children’s Hospital is one of the top pediatric hospitals in the United States.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, UMC)