• The company claims that no patient records were compromised.
• UHS system files were being renamed with the addition of a ‘.ryk’ extension.   

Universal Health Services Inc. (UHS), U.S.-based leading healthcare service provider with around 400 facilities across U.K. and the U.S., has reportedly been subjected to a well-coordinated ransomware attack.

Sources close to the matter stated that the staff across various UHS facilities noticed issues with their respective IT systems. Moreover, one of the employees was reported saying that the system’s files were being renamed with the addition of a ‘.ryk’ extension.

It is to be noted that the .ryk extension is associated with the Ryuk ransomware, a type of malware typically used by Russian cybercrime group known as Wizard Spider. The extension is primarily used to encrypt files and block access until a ransom is paid.

According to reliable sources, the attack compelled various UHS healthcare centers to redirect their ambulances to nearby facilities. Moreover, the staff was forced to resort to information filing using pen and paper, since the attack had disabled multiple antivirus programs in the company’s electronic database system.

In this context, UHS claims that the patients’ electronic health records were not accessed during the attack. Additionally, the company stated that it is focusing on deploying advanced security protocols in an effort to restore its IT operations.

However, Universal Health Services was unavailable to describe the nature or the size of the malware, cited sources with relevant information.

In other news, France-based container transportation and shipping company CMA CGM SA also reportedly witnessed a cyberattack at two of its subsidiaries in Asia-Pacific. Sources claimed that the company had temporarily shut down its shipping networks in order to isolate the attack.

Source credits: https://www.engadget.com/uhs-cybersecurity-attack-215055150.html