Universal Health Services (UHS), one of the largest healthcare providers in the US was affected by a ransomware attack over the weekend.
According to UHS employees, the ransomware attack happened on Sunday morning and the hospital has been operating without internal IT systems since Sunday morning.
When the UHS facilities were unable to perform lab works, some of the patients were turned away and emergencies have been redirected to other hospitals. The affected hospitals are relocating patients in need of surgery to other nearby hospitals.
The employees said that computers rebooted and a ransom note appeared on the screen. Some reports states that when the attack happened, multiple antivirus programs were disabled by the attack and hard drives just lit up with activity.
The IT staff asked the employees to shut down the computers and the systems are kept offline to block the attackers’ from reaching all devices on the network.
According to various sources, IT issues with UHS hospitals and care centers were reported in North Carolina, Texas, Arizona, Florida, and California.
UHS, an American Fortune 500 company, managing more than 400 hospitals and care centers in the US and UK has more than 90,000 employees. So, the exact magnitude of the attack is yet to be determined.
An employee said that during the cyberattack, files were being renamed to include the .ryk extension which suggests that the incident was caused by a ransomware strain named Ryuk that uses this extension.
Ryuk is a ransomware operation which were silent for months has returned to normal operations since last week.
UHS has admitted about the security incident and confirmed that no patient or employee data was impacted in the incident.
Image Credits : CCHR Florida