The University of Mississippi Medical Center issued the following statement.
Medical Center teams are working around the clock in response to Thursday’s cyberattack. Federal authorities continue to assist us, including specialized FBI teams that are onsite. We have engaged the services of three national vendors that are experts in situations like ours including in cyber forensics, recovery and security. At this time, it is still unknown the extent of the infiltration or how long it will take to return to regular operations. Alongside our own UMMC IT and information security teams, we appreciate the assistance of experts in these fields.
Our phone systems and ability to receive or send emails remain down or not reliable.
Our hospitals and Emergency Departments continue to provide safe, needed care and we’ve alerted other hospitals that we can again start receiving transfers of patients needing a higher-level of care. The phone number to contact Mississippi MED-COM to inquire about a patient transfer is 601-362-4264. Also, ambulance services have been notified that we are no longer on diversion.
We are working on a solution for patients to contact us about routine medical and/or medication needs. We will publicly share that pathway once available.
Also, we are reaching out to patients who are receiving time-sensitive treatments, for example, chemotherapy, to set up appointments.
We apologize for the inconvenience you have experienced because of this criminal intrusion into our networks. Our hope is that we can soon return to normal operations and return to fully serving Mississippi’s needs.

11 comments:
Mississippi - Remaining #1 for medical cyber attacks.
Terrible situation, but inquiring minds want to compare the crisis costs of the 3 national vendors to what it would have cost to harden their systems against cyberattacks at their leisure.
Is Mississippi still so far behind other states that they still do not know how to prevent this from happening?
@2:00pm Are you joking? This could quite literally happen to any institution in the world - and it is getting worse every day. Stop putting our state down for no reason.
Or use standard non-computerized landlines and pencils & paper.
Having lived through one of these with my employer, admittedly on a smaller scale, the impacts from a cyber attack remain for months, even if corrected and back on line today.
@1:58
Get a grip you foolish pleb! Mississippi IT state employees walk on water and perform miracles! They did nothing wrong! This could happen anywhere!
For everyone who does not work in the IT field... with all due respect, PLEASE shut up. You sound like idiots with your comments to us that are. No one is immune from a cyber attack.
This cyber hacking stuff sure is dangerous. Has Congress committed to passing common sense cyber crime laws? More laws=leas crime. Maybe we need to restrict the type of computers and computers programs that people have access to? Since criminals can weaponize computers, we need to restrict access to computers! Won’t somebody think of the children?
I was born a hacker to two elite hacker parents. (mom was a Mac and dad was a PC) I literally wrote the book on hacking. (Printed in binary so you must compile it yourself)
My advice to everyone is to come together and support UMMC. There is nothing they could’ve done. Very few state employees working in IT have ever hacked so much as Polycom phone to play Doom. Very few of them could even compile and install Gentoo Linux. But they are human. Stop attacking them when they are at rock bottom. These are your neighbors. The bad guys are who you should direct your rage towards! Now I’m going to get back to hacking the Gibson.
❄️ Snowcrash out!
It is so angering. Incompetent leadership. Now they want to spend money on national vendors who are experts in "crisis cybersecurity hacked scenarios."
This is exactly the problem with having an all Emergency Medicine Vice Chancellor's office. All they know how to do is manage from a crisis, manage from an emergency. It is literally their training. React react. Versus strategize, invest, and plan.
Instead of spending the adequate amount of time and money and resources creating a strong and powerful cybersecurity posture within the institution over the 5-10 years, they ignored or put it at the bottom of the priority list because they do not understand.
And now all of our data exposed is the consequence. And now they reach out to the experts for the "crisis" and "emergency" because that is all these people have been trained to lead from.
1:58PM is correct. Crisis costs and the post crisis lawsuits due to their mishandling of their data will pale in comparison to what it would have cost to manage the importance of such important information correctly.
Post a Comment