A week after a malware infection hit the networks of Universal Health Services, which operates more than 400 facilities in the U.S., the company has restored much of its network operations and in the process of reconnecting many of its applications.
The attack began on Sept. 27 and began having a cascading effect across the UHS networks over the next couple of days. After the company’s IT staff noticed the intrusion, it shut down the corporate networks and shut off connectivity among the facilities to prevent the malware from spreading. As a result, some of the company’s hospitals were forced to divert patients to other facilities and staff had to do paperwork, charts, and records by hand. The incident was reportedly a ransomware attack, though company officials have not confirmed that.
On Monday, the company said that much of its networks are back up and running, though some challenges remain.
“The UHS IT Network has been restored and applications are in the process of being reconnected. The recovery process has been completed for all servers at the corporate data center and connectivity has been re-established for all U.S.-based inpatient facilities. Our major information systems such as the electronic medical record (EMR) were not directly impacted; we are in the process of restoring connections to these systems and back-loading data from the past week,” the statement says.
“More than half of our Acute Care hospitals are live already or scheduled to be live by the end of today. UHS has deployed a significant number of IT and clinical resources to the hospitals, to support the resumption of online operations. The go-lives will continue on a rolling basis; in the meantime, those working toward go-live are continuing to use their established back-up processes including offline documentation methods.”
Since the incident first occurred, UHS officials have said that they have no indication that patient or employee data had been accessed or copied.