Universal Health Services, one of the largest healthcare providers in the U.S., has been hit by a ransomware attack.
The attack hit UHS systems early on Sunday morning, according to two people with direct knowledge of the incident, locking computers and phone systems at several UHS facilities across the country, including in California and Florida.
One of the people said the computer screens changed with text that referenced the â€œshadow universe,â€ consistent with the Ryuk ransomware. â€œEveryone was told to turn off all the computers and not to turn them on again,â€ the person said. â€œWe were told it will be days before the computers are up again.â€
Itâ€™s not immediately known what impact the ransomware attack is having on patient care.
An executive who oversees cybersecurity at another U.S. hospital system, who asked not to be named as they were not authorized to speak to the press, told TechCrunch that patient medical data is â€œlikely safeâ€ as UHS relies on Cerner, a healthcare technology company, to handle its patientsâ€™ electronic health records.
UHS has 400 hospitals and healthcare facilities in the U.S. and the U.K., and serves millions of patients each year.
A spokesperson for UHS did not immediately respond to a request for comment.
The Ryuk ransomware is linked to a Russian cybercrime group, known as Wizard Spider, according to security firm Crowdstrike. Ryukâ€™s operators are known to go â€œbig game huntingâ€ and have previously targeted large organizations, including shipping giant Pitney Bowes and the U.S. Coast Guard.
Some ransomware operators said earlier this year that they would not attack health organizations and hospitals during the COVID-19 pandemic, but Ryukâ€™s operators did not.
Last week, police in Germany launched a homicide investigation after the death of a woman, who was diverted to another hospital following a ransomware attack.