University of Mississippi Medical Center Closes Clinics After Ransomware Attack

What happened

The University of Mississippi Medical Center (UMMC) closed all clinic locations statewide after a ransomware attack disrupted IT systems and blocked access to the Epic electronic medical records platform. The incident occurred on February 20, 2026, prompting the hospital to shut down all network systems while investigating the attack with assistance from the FBI, CISA, and Homeland Security. Outpatient procedures, surgeries, and imaging appointments were canceled, while hospital services continued using downtime procedures. Officials confirmed communication with the ransomware attackers and stated they are working with authorities to assess the situation and determine next steps, though no ransomware group has claimed responsibility. 

Who is affected

Patients, healthcare staff, and operations at the University of Mississippi Medical Center, which operates seven hospitals, 35 clinics, and more than 200 telehealth sites, are affected due to disruptions to IT systems and medical record access. 

Why CISOs should care

The incident demonstrates how ransomware attacks on healthcare infrastructure can disrupt clinical operations and electronic medical record access, forcing organizations to rely on manual downtime procedures while responding to cyber incidents. 

3 practical actions

• Activate incident response procedures immediately. UMMC implemented its Emergency Operations Plan and isolated network systems to contain the attack. 
• Coordinate with law enforcement and federal agencies. UMMC engaged the FBI, CISA, and Homeland Security to assist in the investigation. 
• Maintain operational continuity through downtime procedures. The hospital continued patient care using alternative workflows while IT systems were offline.