The University Medical Center (UMC) Health System in Lubbock, Texas, has confirmed a ransomware attack that disrupted its IT infrastructure last week, forcing the diversion of emergency and non-emergency patients.
UMC, the only level 1 trauma center within 400 miles, faced significant operational challenges, with phone systems down and the patient portal inaccessible. Despite this, UMC’s healthcare facilities, urgent care clinics and physician offices remained open, operating under downtime procedures.
Ongoing Investigation and Response Efforts
UMC provided an update on Monday, saying that progress had been made in restoring services over the weekend. Emergency Centers and Urgent Care Clinics are open, and ambulances are now accepted at the Emergency Center.
“However, out of an abundance of caution, the Emergency Center continues to divert a select number of patients until all UMC resources are fully functioning. Additionally, UMC Physicians Clinics remain open as regularly scheduled,” the organization said.
It also reaffirmed that patient care and safety are top priorities as it works to minimize disruptions to critical services.
“This is a national security issue,” said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association. He stressed the severe risks when essential trauma centers are targeted by cyber-attacks, adding, “You are putting people’s lives in jeopardy.”
UMC’s investigation into the ransomware incident is ongoing, and it remains unclear if any patient data has been compromised. The health system previously experienced a data breach in January, affecting 127,000 individuals.
“The ubiquity of ransomware attacks on healthcare entities highlights the critical need for collective defense and intelligence-driven security processes to proactively defend against these attacks,” commented Emily Phelps, VP at Cyware.
“We must move beyond reactive strategies. Proactively harnessing shared threat intelligence and automation will empower organizations to detect and neutralize attacks before they disrupt essential services. Collaboration between private and public sectors is essential in building a unified defense against this growing threat.”
UMC is reportedly working around the clock with third-party assistance to fully recover and restore operations as quickly and safely as possible.