Although Universal Health Services largely runs behavioral healthcare facilities, it also operates some emergency care centers, potentially putting patients’ lives at risk.
A ransomware attack appears to have taken down all IT systems at Universal Health Services (UHS), which operates 400 hospitals and behavioral health facilities in the US and the UK. UHS employees began reporting problems on Monday via Reddit; the attack has been shutting down computers at various hospitals, forcing them to turn away patients, they say.
One UHS employee based in Arizona told PCMag that the disruption has been blamed on ransomware infecting hospital systems. “Everything is down. No access to any computer at all,” the employee said. The hospital has only recently managed to restore the phone system.
“I believe we are turning patients away,” the employee added. “We have been doing everything on paper charts. What gets me is we had no downtime protocols in place. It’s all been improv.”
Ransomware can often be delivered via phishing emails or by exploiting vulnerabilities in a company’s IT system. The hackers behind the assault will then post a ransom note, demanding the victims pay up in Bitcoin.
The attack on UHS could put patient lives at risk, which is what many security experts have long feared might occur after an attack on a major hospital system. UHS operates 328 inpatient behavioral healthcare facilities, one surgical hospital, six “ambulatory” surgery centers, and 14 “freestanding emergency departments.”
In a statement, UHS