A major cyber attack was faced in the US when one of the largest healthcare providers Universal Health Services was hit by a ransomware attack.
The attack hit UHS systems early on Sunday morning, according to two people with direct knowledge of the incident, locking computers and phone systems at several UHS facilities across the country, including in California and Florida.
One of the people said the computer screens changed with text that referenced the “shadow universe,” consistent with the Ryuk ransomware. “Everyone was told to turn off all the computers and not to turn them on again,” the person said. “We were told it will be days before the computers are up again.”
It’s not immediately known what impact the ransomware attack is having on patient care, or how widespread the issue is.
UHS published a statement on Monday, saying its IT network “is currently offline, due to an IT security issue.”
“We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible. In the meantime, our facilities are using their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively,” the statement said.
“No patient or employee data appears to have been accessed, copied or otherwise compromised,” it added.
UHS has 400 hospitals and healthcare facilities in the U.S. and the U.K., and serves millions of patients each year.
The Ryuk ransomware is linked to a Russian cybercrime group, known as Wizard Spider, according to security firm Crowdstrike. Ryuk’s operators are known to go “big game hunting” and have previously targeted large organizations, including shipping giant Pitney Bowes and the U.S. Coast Guard.
Some ransomware operators said earlier this year that they would not attack health organizations and hospitals during the COVID-19 pandemic, but Ryuk’s operators did not.
Last week, police in Germany launched a homicide investigation after the death of a woman who was diverted to another hospital following a ransomware attack.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.