‘All Computers Are Completely Shut Down’: Major US Hospital Chain Hit By Ransomware Attack

Andrew Caballero-Reynolds/AFP via Getty Images

Daily Caller News Foundation logo
Thomas Catenacci Energy & Environment Reporter
Font Size:

A large international hospital chain was attacked by ransomware Sunday leading to patients being rerouted and a switch to paper-based systems in some cases.

The ransomware attack affected Universal Health Services’ (UHS) digital networks in the U.S., including hospitals located in California, Florida, Texas, Arizona and Washington D.C., according to technology news website Bleeping Computer.

“[UHS] experienced an information technology security incident in the early morning hours of September 27, 2020,” UHS said in a statement Tuesday. “As a result, the Company suspended user access to its information technology applications related to operations located in the United States.”

UHS operates more than 400 facilities in the U.S., United Kingdom and Puerto Rico, WIRED reported.

There is no evidence that patient or employee data was accessed in any way, UHS added. Patient care continues to be delivered safely with disruptions only occurring with the company’s clinical and financial operations, UHS said. (RELATED: REPORT: HHS Computer System Hit With A Cyber Attack From A Potential Foreign Actor)

A hospital sign directing patients to the emergency room. (Steve Design/Shutterstock)

A hospital sign directing patients to the emergency room. (Steve Design/Shutterstock)

An emergency room technician of an affected UHS facility told WIRED that emergency room care hasn’t diminished and that all staff are “stepping up their game” in light of the cyberattack.

“We are using paper for everything. All computers are completely shut down,” the unnamed employee added. “Paper is workable, there is just a lot more documentation to be done so things don’t get lost — orders, meds, etc.”

While UHS hasn’t said what kind of malware was used in the attack, Bleeping Computer reported that the Russian Ryuk ransomware was used after speaking with an employee of an affected hospital. Ryuk is usually preceded by a phishing attack, according to WIRED.

A patient with a life-threatening condition died in Germany on Sept. 11 after University Hospital Düsseldorf suffered a similar cyberattack, Bleeping Computer reported. The patient was forced to go to a hospital in a different city because of the attack, according to the Associated Press.

“These incidents are hugely concerning; they could have fatal consequences,” Brett Callow, a threat analyst at antivirus company Emsisoft, told WIRED. “I would say things are as bad as they’ve ever been — worse, in fact.”

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact