Mississippi Medical Center restores clinics after a ransomware attack disrupted IT systems, forced appointment cancellations, and impacted patient care statewide.

Continue reading
The University of Mississippi Medical Center (UMMC) has restored operations across its statewide clinic network after a ransomware attack crippled its digital systems for more than a week, forcing widespread cancellations and disrupting patient care across one of the state’s largest healthcare providers.
The cyberattack, first detected on February 19, 2026, knocked multiple IT systems offline, including the organization’s Epic electronic health record (EHR) platform, as well as internal communication systems such as email and phone services. As a result, UMMC was forced to shut down dozens of clinics statewide, cancel outpatient procedures and imaging appointments, and rely on manual paper-based processes to continue treating patients.
After nearly nine days of disruption, the medical center confirmed that its clinics have resumed normal operations, with phone lines restored and staff beginning to contact patients to reschedule missed appointments.
UMMC is Mississippi’s only academic medical center and one of the state’s largest healthcare providers. The system operates seven hospitals, more than 35 clinics, and over 200 telehealth sites statewide, employing more than 10,000 staff members.
When the ransomware attack hit the network, administrators quickly shut down large portions of the IT infrastructure to contain the intrusion and prevent further spread. This action limited access to patient records, appointment systems, and other clinical tools essential for routine operations.
With digital records inaccessible, clinicians were forced to switch to downtime procedures, documenting patient care manually using pen-and-paper records while technicians worked to restore the network.
Despite the operational chaos, hospital services and emergency departments remained open. Facilities in Jackson, Grenada, Madison County, and Holmes County continued to treat patients during the outage.
The cyberattack significantly disrupted patient services across the state. Clinics canceled or postponed a wide range of medical appointments, including:
Patients requiring urgent treatment, such as chemotherapy or other time-sensitive care, were prioritized while the health system worked to restore access to electronic medical records.
For many patients, the sudden disruption caused confusion and delays. Some reportedly traveled long distances for appointments only to discover that services had been suspended due to the cyberattack.
UMMC’s information systems division worked around the clock with cybersecurity specialists to recover affected infrastructure and safely bring networks back online. The organization also coordinated with federal authorities, including the Federal Bureau of Investigation (FBI) and cybersecurity experts, to investigate the attack.
As systems were gradually restored, access to patient records returned, enabling clinics to resume scheduled appointments and routine medical services. The health system has also begun extending clinic hours in some locations to manage the backlog of appointments caused by the outage.
UMMC has not publicly disclosed the identity of the attackers or whether a ransom demand was paid. The organization has stated that investigations remain ongoing and that it is still assessing whether any sensitive patient information was compromised.
The incident highlights a persistent and growing cybersecurity challenge facing hospitals and healthcare systems worldwide. Ransomware groups frequently target healthcare institutions because service disruption can pressure organizations to quickly pay ransom demands to restore critical systems.
Healthcare networks rely heavily on interconnected digital infrastructure, from patient records and scheduling systems to diagnostic tools and medical devices. When these systems go offline, even temporarily, the consequences can ripple across patient care, clinical workflows, and hospital logistics.
Experts warn that attacks like the one targeting UMMC illustrate how cyber incidents increasingly intersect with public health and patient safety, turning cybersecurity into a critical component of modern healthcare operations.
Although UMMC has restored normal operations, officials say recovery efforts and security reviews will continue in the coming weeks. The organization is focusing on clearing the backlog of missed appointments, supporting affected patients, and strengthening defenses to prevent similar attacks in the future.
For Mississippi’s largest medical system, the incident serves as a stark reminder that cybersecurity resilience is now inseparable from healthcare delivery itself.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation