Universal Health Services reports restoration of services and its IT network three weeks after massive ransomware attack
Universal Health Services issued an update to its status following a massive ransomware attack on September 27. Here is the full text of their October 12 update:
Universal Health Services (UHS) confirms that the UHS IT Network has been restored at Corporate and across all Acute Care hospitals, enabling connections to all major systems and applications, including the Electronic Medical Record (EMR), laboratory and pharmacy. With back-loading of data substantially complete at this point, hospitals are resuming normal operations. The wide area networks at the majority of our Behavioral Health facilities are back online as well, with the remaining to follow shortly.
The company experienced a cyberattack caused by malware early Sunday morning, September 27, 2020, at which time UHS IT disconnected all systems and shut down the Network to prevent further propagation. While the Network was offline, patient care was delivered safely and effectively at our facilities across the country using established back-up processes, including offline documentation methods.
Throughout the IT remediation work we have had no indication that any patient or employee data was accessed, copied or misused. As previously stated, the company’s U.K. operations were not impacted.
These groups are very proficient at covering their tracks when they exfiltrate data. How many times have we seen victims say that their investigation revealed no evidence of accessing or exfiltration, only to have them correct that months later?
DataBreaches.net reached out to UHS to ask some questions, but has received no reply as yet. This post may be update if a reply is received.