Mississippi Medical Center Closes 35 Clinics After Ransomware Attack, Emergency Care Remains Open
Updated (2 articles)
Ransomware Attack Forces Systemwide Clinic Shutdown On Friday, Feb. 20, the University of Mississippi Medical Center shut down all of its 35‑36 statewide clinics and cancelled non‑emergency surgeries, affecting roughly three dozen locations across the state [1][2]. Emergency departments remained open while the rest of the system went dark, and officials warned the outage could last several days [2].
Staff Revert to Manual Documentation as EHR Goes Offline With the electronic health‑record platform offline, physicians began using pen‑and‑paper charts [1][2]. Vice Chancellor LouAnn Woodward ordered all IT systems to be taken down pending a risk assessment [1]. The FBI deployed agents locally and nationally to assist the investigation [1].
Patient Care Disrupted, Appointments Delayed for Critical Cases Patients such as 55‑year‑old lymphoma patient Richard Bell arrived to find bloodwork and chemotherapy appointments canceled [2]. The center could not immediately rebook his visits, leaving him to travel three hours from Oxford without care [2]. Similar disruptions affected many rural patients who rely on UMMC’s clinics [1].
Federal Agencies Mobilize Resources to Restore Networks FBI Special Agent in Charge Robert Eikhoff said restoring network connectivity is the agency’s top priority [2]. The bureau is “surging resources both locally and nationally” to help the hospital regain access to records [1]. The Department of Health and Human Services also monitors the breach for potential data exposure [1].
Financial Strain Looms for $2 Billion Health System UMMC operates on a $2 billion budget that represents about 2 % of Mississippi’s economy [1]. Prolonged downtime could pressure the system financially, though officials have not confirmed any ransom demand [1][2]. Experts warn that such attacks threaten rural health access nationwide [1].
Sources
-
1.
CNN: Mississippi health system shut down after ransomware attack – Details the shutdown of all 35 UMMC clinics, cancellation of elective procedures, manual charting, FBI involvement, and the system’s $2 billion budget impact .
-
2.
AP: Mississippi Medical Center Closes Clinics After Ransomware Attack – Emphasizes clinic closures, patient Richard Bell’s experience, FBI’s priority to restore systems, and the uncertainty surrounding attackers’ demands .
Timeline
2020s – A surge of ransomware incidents across U.S. hospitals, including attacks on major health systems, heightens national concern and sets the backdrop for the Mississippi breach, as experts note the growing cyber threat to healthcare infrastructure[1].
Feb 19, 2026 – Ransomware attackers breach the University of Mississippi Medical Center’s network, forcing the shutdown of all 35 statewide clinics and halting elective surgeries, creating a multi‑day disruption of patient care[1][2].
Feb 19, 2026 – Vice Chancellor LouAnn Woodward orders all IT systems offline pending a risk assessment, while emergency departments stay open and clinicians revert to pen‑and‑paper charts to maintain treatment continuity[1][2].
Feb 19, 2026 – Patient Richard Bell, a 55‑year‑old lymphoma case, arrives to find bloodwork and chemotherapy services unavailable and learns his appointments will not be immediately rescheduled, highlighting the immediate clinical impact[2].
Feb 19, 2026 – FBI Special Agent in Charge Robert Eikhoff says the bureau is “surging resources both locally and nationally” and declares that restoring the medical center’s networks is its top priority[1][2].
Feb 19, 2026 – Attackers communicate with university officials but make no ransom demand public; the FBI and the Department of Health and Human Services investigate a possible data breach[1][2].
Feb 19, 2026 – The $2 billion UMMC budget, representing roughly 2 % of Mississippi’s economy, faces financial strain as the outage threatens revenue and operational costs[1].
Feb 19, 2026 – John Riggi of the American Hospital Association warns that ransomware attacks are rising and can endanger rural patients who lack nearby alternatives[1].
Feb 19‑20, 2026 – University leaders caution that clinic closures may extend for several days while damage is assessed and network services are restored, indicating a prolonged recovery timeline[2].