University of Mississippi Medical Center has closed its clinics statewide and canceled elective procedures after a ransomware attack disrupted its information technology systems.
Ransomware Attack and Operational Impact
The University of Mississippi Medical Center (UMMC) detected a ransomware attack on February 19, 2026, that impacted its IT network and multiple systems, including its EPIC electronic medical records platform. The disruption forced UMMC to take down key systems statewide and close clinics, with scheduled appointments and elective surgeries canceled until further notice. According to health system officials, clinics will remain closed while recovery efforts continue.
UMMC has continued to provide care to patients in hospital settings. Emergency departments and inpatient services are operational, with clinical operations maintained using manual recordkeeping in the absence of electronic systems. The kidney dialysis clinic at Jackson Medical Mall remained open for scheduled appointments amid the closures.
Staff have been documenting patient information with pen and paper due to the loss of electronic records, and in-person classes for students at the medical center are proceeding as scheduled.
Response and Investigations
Law enforcement agencies have been notified, and UMMC is coordinating response efforts with the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation. FBI involvement includes assistance in managing the incident, though the full scope and duration of recovery remain unclear.
According to FBI leadership at a press briefing, it is too early in the incident to determine the extent of impact on patient data or how long full system restoration will take. Officials confirmed contact with the attackers but have not disclosed the attacker’s identity or whether ransom negotiations are under consideration.
System and Patient Care Continuity
Mississippi MED-COM, which coordinates hospital transfers across the state, was also affected by the ransomware attack, but redundancies in its systems have allowed patient routing to continue without interruption. UMMC leaders have affirmed that clinical equipment and hospital operations remain functional despite the IT outage.
The attack shows healthcare entities the importance of maintaining cybersecurity protocols, incident response planning, and compliance with HIPAA Security Rule standards. Protecting electronic protected health information remains a regulatory requirement, and proactive measures are necessary to mitigate the risk of ransomware and other cyber threats.
