UMC Health System Diverts Patients Due to Ransomware Attack

University Medical Center (UMC) Health System in Lubbock, Texas, is dealing with the aftermath of a ransomware attack that crippled its IT infrastructure and forced the diversion of patients to other healthcare facilities. The breach, which occurred late last week, impacted key operations, including emergency services.

UMC disclosed the incident on September 27, announcing an IT outage that led to the diversion of emergency and non-emergency patients arriving by ambulance to nearby facilities.

“UMC Health System recently detected unusual activity within our IT systems. Immediately after detecting this activity, our teams launched an investigation and took steps to proactively disconnect our systems to contain the incident,” the hospital said, as reported by BleepingComputer. The attack has forced the hospital to operate under downtime procedures.

This meant reverting to paper-based records and a reduced ability to access medical data promptly. Although some critical services were restored by Monday, SecurityWeek pointed out that UMC continues to divert certain patients as it works to fully recover its systems.

Lubbock’s UMC Health System, the only Level 1 Trauma Center within 400 miles, remains committed to minimizing disruption to care. “Our healthcare facilities remain open across all access points, including Emergency Centers and Urgent Care Clinics. UMC’s Emergency Center is now accepting patients via ambulance,” the hospital confirmed on its website.

The incident is part of a larger trend in healthcare cyberattacks, which are growing in both frequency and severity. Just a few months ago, Cherry Health, a nonprofit healthcare provider in Michigan, suffered a significant ransomware attack that compromised sensitive patient data.

UMC is working closely with cybersecurity experts to resolve the breach and resume normal operations. The hospital has not confirmed if sensitive patient data has been compromised, and no ransomware group has taken responsibility.

“This is a national security issue,” said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association, as quoted by Infosecurity Magazine. He stressed the risks of targeting essential trauma centers, adding, “You are putting people’s lives in jeopardy.”

The UMC attack highlights the growing threat landscape for healthcare providers and the critical need for stronger cybersecurity measures.