LUBBOCK, Texas – University Medical Center (UMC) Health System was the victim of a ransomware attack last week, forcing it to divert incoming emergency and non-emergency patients to other hospitals to ensure patient safety.
The attack was first confirmed on Thursday, reports LubbockOnline. It affected multiple systems, including UMC’s phone system. Messages on the patient portal could not be viewed.
Related Article: Lehigh Valley Health Network to Pay $65 Million After Hackers Leaked Nude Photos of Cancer Patients
UMC is the only Level 1 trauma center in west Texas. The closest other Level 1 trauma center is 400 miles away, reports KCBD.
As of Monday, UMC said it had made progress throughout the weekend restoring some services impacted by the ransomware attack.
“Our healthcare facilities remain open across all access points including Emergency Centers and Urgent Care Clinics,” the system said in a statement. “UMC’s Emergency Center is now accepting patients via ambulance. However, out of an abundance of caution, the Emergency Center continues to divert a select number of patients until all UMC resources are fully functioning.”
The statement also said UMC is working “around-the-clock” with the assistance of third parties to investigate and respond to the incident.
Healthcare Has the Most Expensive Ransomware Attacks
For several years now, ransomware attacks, often perpetrated by gangs affiliated with Russia, have been plaguing healthcare as well as other industries. The global average cost of a data breach is now $4.88 million, according to the IBM Cost of a Data Breach Report 2024.
Although the average cost of a data breach has gone down this year by 10.6%, healthcare has the most expensive breach recoveries, costing an average of $9.77 million.
Related Article: 2,000 Critical Access Hospitals to Receive Free Cybersecurity Services
Some breaches, however, are even more costly. Losses experienced by Change Healthcare as a result of this spring’s ransomware attack were estimated to be anywhere from $100 million to $1 billion per day.
The surge of ransomware attacks has become so alarming that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) last year launched its Pre-Ransomware Notification Initiative designed to help organizations thwart ransomware attacks in the early stages of incidents.