What happened
The University of Mississippi Medical Center (UMMC) closed all clinic locations statewide after a ransomware attack disrupted IT systems and blocked access to the Epic electronic medical records platform. The incident occurred on February 20, 2026, prompting the hospital to shut down all network systems while investigating the attack with assistance from the FBI, CISA, and Homeland Security. Outpatient procedures, surgeries, and imaging appointments were canceled, while hospital services continued using downtime procedures. Officials confirmed communication with the ransomware attackers and stated they are working with authorities to assess the situation and determine next steps, though no ransomware group has claimed responsibility.Â
Who is affected
Patients, healthcare staff, and operations at the University of Mississippi Medical Center, which operates seven hospitals, 35 clinics, and more than 200 telehealth sites, are affected due to disruptions to IT systems and medical record access.Â
Why CISOs should care
The incident demonstrates how ransomware attacks on healthcare infrastructure can disrupt clinical operations and electronic medical record access, forcing organizations to rely on manual downtime procedures while responding to cyber incidents.Â
3 practical actions
- Activate incident response procedures immediately. UMMC implemented its Emergency Operations Plan and isolated network systems to contain the attack.Â
- Coordinate with law enforcement and federal agencies. UMMC engaged the FBI, CISA, and Homeland Security to assist in the investigation.Â
- Maintain operational continuity through downtime procedures. The hospital continued patient care using alternative workflows while IT systems were offline.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.