Ransomware attack closes clinics statewide at UMMC

A ransomware attack disrupted patient care the University of Mississippi Medical Center’s computer systems, forcing the state’s largest academic health system to close all of its clinics and cancel appointments and surgeries statewide.

What happened

According to the Mississippi Free Press, on February 19, 2026, hackers launched a ransomware attack that overwhelmed the Medical Center’s IT infrastructure, including its electronic medical records system. As a response, affected systems have been shut down to contain the breach, leaving staff without access to digital patient records, appointment schedules, imaging results, and other vital information.

The outage forced all outpatient clinics in 35 locations statewide to close, resulting in the cancellation of elective procedures and imaging appointments that had been scheduled for Thursday and Friday. Emergency departments and inpatient hospitals remain open, but clinicians have reverted to “downtime procedures,” recording information manually on paper.

Going deeper

Routine services such as chemotherapy, bloodwork, and dialysis in some outpatient settings have been affected, frustrating patients who traveled long distances for care. Local health departments that rely on shared electronic records are also facing challenges as data access remains limited. Furthermore, phone systems and email services remain unreliable, complicating patient communication. The medical center is reportedly setting up alternative contact lines, but details are still emerging.

Federal authorities, including the FBI, are assisting in the investigation and recovery effort. Officials have not disclosed whether patient data was accessed or stolen, nor have they identified the ransomware group responsible for the attack.

What was said

Dr. LouAnn Woodward, vice chancellor for health affairs and dean of the medical school, confirmed the ransomware attack at a press briefing and said patient safety remains the top priority. “Patients in our hospital and in our emergency department are being cared for,” she said, noting that staff have experience working without digital records.

FBI Special Agent in Charge Robert Eikhoff said the bureau’s priority is helping restore the center’s systems and understanding the scope of the attack. He declined to provide specifics about the perpetrators or any ransom demands.

The bigger picture

Ransomware attacks on healthcare are rising fast. Paubox reports a 264% increase since 2018, with email as the top entry point, noting that 60% of healthcare organizations faced email-related security incidents in 2024, and 95% of phishing attacks go unreported.

These attacks can freeze electronic health records, delay treatments like dialysis or chemotherapy, and expose sensitive patient data. In 2025 alone, over 1.6 million patient records were exposed via email incidents.

The University of Mississippi Medical Center’s outage shows how real the threat is. Patient care can be disrupted and privacy put at risk, indicating the need for stronger cybersecurity across healthcare.

Why it matters

When ransomware targets a healthcare facility, it can disable access to electronic health records, appointment scheduling systems, imaging results, and more. These are the types of systems that healthcare organizations, including the University of Mississippi Medical Center, depend on daily. In addition to causing delayed appointments or canceled services, ransomware can disrupt emergency care procedures, postpone critical treatments such as dialysis or chemotherapy, and jeopardize patient privacy.

See also: HIPAA Compliant Email: The Definitive Guide (2026 Update)

FAQS

Who is responsible for the attack?

As of now, UMMC and the FBI have not publicly identified the attackers. The investigation is ongoing.

Are the attackers demanding ransom?

UMMC has not disclosed whether a ransom has been demanded. In general, cybercriminals often demand payment to release encrypted data.

How can hospitals protect against ransomware?

Strong cybersecurity measures include employee training on phishing, regular backups, secure email systems, like Paubox, and up-to-date IT infrastructure to detect and prevent attacks.