In a major cybersecurity incident, the University of Mississippi Medical Center (UMMC) has temporarily shut down all of its clinic locations across the state after suffering a ransomware attack that disrupted critical IT systems.

The attack, which was identified early on February 19, 2026, forced UMMC officials to close outpatient and ambulatory clinics, cancel elective surgeries and imaging appointments, and take many networked systems offline as a precaution while the situation is assessed.

UMMC, one of Mississippi’s largest healthcare providers with more than 10,000 employees, operates seven hospitals, about 35 clinics, and over 200 telehealth sites statewide. Its facilities include the state’s only Level I trauma center, the only children’s hospital, and the sole organ and bone marrow transplant program in Mississippi.

Officials confirmed that the cyberattack crippled access to the Epic electronic medical records system, a critical platform used for patient records and scheduling. Because of this, the medical center activated its Emergency Operations Plan, reverting to manual processes where possible and prioritizing essential care.

Despite the widespread disruption, UMMC leaders have stressed that hospital services, emergency rooms, and critical care operations are still functioning, with staff using downtime procedures to continue patient care safely.

Authorities, including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), are assisting with the investigation. UMMC officials have acknowledged communication from the attackers, but at the time of reporting, no formal ransom demands or claims of responsibility had been publicly disclosed.

The incident has had real-world impacts on patients. For some, scheduled treatments — including chemotherapy — were canceled, highlighting how ransomware attacks on healthcare systems can have far-reaching consequences beyond IT outages.

Healthcare institutions remain frequent targets for ransomware groups due to the critical nature of their data and operations. Attacks like this not only disrupt services but also risk compromising sensitive patient records if data exfiltration has occurred — an ongoing concern as investigators work to determine the full scope of the breach.

UMMC officials say they are evaluating systems to determine which were impacted, and phone and email services remain intermittent or offline as part of the response effort. Updates on the timeline for restoring full services have not yet been provided.