Just over a month after suffering a ransomware attack, Universal Health Services (UHS) has managed to restore most of its affected systems. The attack took place on September 27th and forced UHS to shut down all systems in an attempt to prevent the ransomware from spreading to even more systems.
“While our information technology applications were offline, patient care was delivered safely and effectively at our facilities across the country utilizing established back-up processes, including offline documentation methods.”
All major applications and systems, including medical records, have been brought back online within hospitals and corporate environments. While the backup restoration is not yet completed, hospitals have returned or are now returning to normal operations. UHS has worked with internal IT teams and third-party forensic and security vendors to investigate the impact of the attack.
Official statements from UHS have not named the ransomware family involved in the incident, though employees told BleepingComputer that files were being renamed with the “.ryk” extension and displayed ransom notes similar to those known to belong to Ryuk.