Universal Health Systems suffers disruptive cyberattack.
Universal Health Services (UHS), a major hospital chain based in the US, sustained a suspected ransomware attack on Sunday that NBC News calls "one of the largest medical cyberattacks in United States history." The company stated on Tuesday, "The cyber attack occurred early Sunday morning, at which time the company shut down all networks across the U.S. enterprise. We have no indication at this time that any patient or employee data has been accessed, copied or misused. The company's UK operations have not been impacted." The Wall Street Journal reports that the company took down systems at all two-hundred-fifty of its facilities in the US to prevent the attack from spreading, and the incident forced some hospitals to divert ambulances and reschedule surgeries.
BleepingComputer cites UHS employees as saying the attack involved the Ryuk ransomware. TechCrunch notes that Ryuk's operators were not among the handful of ransomware gangs that pledged to avoid targeting hospitals earlier this year.
Many outlets, Threatpost and WIRED among them, are drawing the obvious comparison between the UHS attack and the ransomware incident earlier this month in Düsseldorf that forced an ambulance diversion that cost a patient her life. There are no known lethal consequences of the UHS incident, so far at any rate, and reversion to manual systems appears to have enabled the hospitals to continue their operations, albeit in an impeded fashion.
Tyler Technologies urges password resets.
Tyler Technologies, which suffered a ransomware attack last week, warned last Saturday that two of its customers had reported suspicious logons to their systems using Tyler credentials. The company stated, "Given this new information, and if you haven't already done so, we strongly recommend that you reset passwords on your remote on your remote network access for Tyler staff and the credentials that Tyler personnel would use to access your applications, if applicable. Although we do not have enough information to know whether this evening's reports of suspicious activity are related to the ongoing investigation of unauthorized access to Tyler's internal systems, we believe precautionary password resets should be implemented."
Given Tyler's extensive work with the US public sector, ZDNet notes that "the ransomware attack on this company's network might quietly become one of the biggest cyber-attacks of the year, if indeed attackers gained access to passwords for customer networks."