Universal Health Services Network Impacted by Alleged Ransomware Attack

NJCCIC Alert

Original Release Date: 9/28/2020

Summary

Over the weekend, the network of Universal Health Services (UHS), one of the largest healthcare providers in the United States, was impacted by an alleged ransomware attack. According to a statement released by UHS, the network is currently offline due to an IT security issue; however, no patient or employee data appears to have been accessed, copied, or compromised. Open-source reporting indicates that the IT security issue is due to ransomware and that patients were turned away and emergencies were diverted to other hospitals as a result. It is unclear at the time of this writing whether the entire network or only portions of the network were impacted. IT incidents affecting hospitals, particularly ransomware, can have serious implications to public health and safety. Recently, a hospital in Germany suffered a ransomware incident and, consequently, a patient was diverted to another hospital and died due to the delay in treatment.

Recommendations

The NJCCIC encourages users, businesses, and organizations to review and implement the recommendations provided in the NJCCIC Ransomware: Risk Mitigation Strategies guide to help prevent or limit the impact of a ransomware incident.

Reporting

We encourage recipients who discover signs of malicious cyber activity to contact us via the cyber incident report form by clicking here.

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.