With over 400 locations, Universal Health Services is one of the largest providers of hospitals and healthcare services in the United States. It is also the recipient of one of the most massive medical cyberattacks to date.
What happened?In the early morning hours of September 27, 2020, Universal Health Services experienced “ a security incident caused by malware .” Computers, phones, and even telemetry equipment were completely shut down. Universal Health Services runs over 250 hospitals and has 90,000 employees. It is one of the biggest healthcare companies to experience a cyberattack in the United States. Three days later, the healthcare company still cannot entirely run its IT operations, affecting almost every aspect of its business. Doctors and nurses have to use paper and pen to keep track of their patients, fill out forms, and hand-label medication. They are also experiencing difficulty accessing medical records, which is creating longer wait times, disrupting patient operations, and possibly risking patient safety. “[O]ur acute care and behavioral health facilities are utilizing their established back-up processes including offline documentation methods,” the company said in a news release. “Patient care continues to be delivered safely and effectively.” Regardless, this ransomware attack has made healthcare professionals’ jobs harder during the already stressful time of the COVID-19 pandemic. SEE MORE: Cybercriminals are Adapting Ransomware Strategies to Exploit the Current Crisis
What information was exposed?According to Universal Health Services, “At this time, we have no evidence that patient or employee data was accessed, copied or misused.”
What happens next?This cyberattack has shut down Universal's entire network. Universal Health Services is working extensively with its IT team to get its systems up and running again. Not even the largest healthcare networks are immune to ransomware. All organizations should build security systems to protect themselves against cyberattacks.
How can attacks like these be avoided in the future?Hackers are only getting smarter and more sophisticated. Your security system always needs to stay updated to stay one step ahead of cybercriminals. Ransomware can infect your IT infrastructure through something as commonplace as email. Paubox Email Suite Plus allows you to send HIPAA compliant email and comes with strong email filters to recognize and prevent ransomware from entering your inbox. It even comes with ExecProtect , a valuable tool in preventing your employees from sending sensitive data to the wrong person in a display name spoofing scheme.
Try Paubox Email Suite Plus for FREE today.