Medusa ransomware hits University of Mississippi Medical Center

The Medusa ransomware gang claimed credit for an attack on the University of Mississippi Medical Center. The breach began February 19 and forced the closure of 35 clinics across the state. Elective surgeries and imaging appointments were suspended. Access to the hospital's Epic electronic health record system was cut off for nine days. Staff reportedly reverted to handwritten charts. Some patients were diverted to other facilities. On March 12 the group added the medical center to its dark web leak site. It claimed to have exfiltrated more than 1 TB of data including patient health information and employee records. Medusa demanded 800000 dollars in ransom. The gang operates a ransomware as a service model and has a history of targeting critical infrastructure organizations from healthcare to the public sector.