Toggle sidebar

Not good - UMMC feeling the pain...

P

patdog

Heisman
May 28, 2007
56,611
25,907
113
Yikes. I know a couple of their IT guys. I guess they're not having a good day right now.
 
The Peeper

The Peeper

Heisman
Feb 26, 2008
15,380
10,504
113
Wonder if this will be a ransom type attack where they will wipe the records?
 
P

Pink Floyd.sixpack

Junior
Aug 22, 2012
326
299
63
I’ve always been told that EPIC is backed up in triplicate in unconnected avenues. Takes about 24 hours to transition to a backup. Friend that works there said this is doomsday scenario there today. Amazing we can find anything from outer space with technology but you never hear of cyber criminals arrested at all. This is going to be a tough recovery for UMMC.
 
  • Wow
Reactions: patdog
Seinfeld

Seinfeld

All-American
Nov 30, 2006
11,101
6,916
113
dorndawg said:
I get that if we knew how to stop these attacks, we would - and also it's MADDENING we spend 990 kajillion dollars on "security" yet patient records aren't secure at the 17ing hospital.
Click to expand...
It's frustrating. Also, while I realize that it's not entirely impossible, I sometimes think about how rare it is to hear about someone's brokerage, IRA, or 401k account getting hacked, drained, or deleted. In other words, what are they doing that other multi-trillion dollar industries like healthcare aren't doing?
 
  • Like
Reactions: peewee.sixpack and dorndawg
D

DT4248

Senior
Apr 22, 2025
560
704
93
Pink Floyd.sixpack said:
I’ve always been told that EPIC is backed up in triplicate in unconnected avenues. Takes about 24 hours to transition to a backup. Friend that works there said this is doomsday scenario there today. Amazing we can find anything from outer space with technology but you never hear of cyber criminals arrested at all. This is going to be a tough recovery for UMMC.
Click to expand...
It is backed up heavily with daily copy down environment, weekly copy down environment, shadow live reporting environment, and more.

Source: I know Judy hates when people call it EPIC. It's not an acronym and we never capitalize it in hyperspace. It's just Epic.
 
P

patdog

Heisman
May 28, 2007
56,611
25,907
113
DT4248 said:
It is backed up heavily with daily copy down environment, weekly copy down environment, shadow live reporting environment, and more.

Source: I know Judy hates when people call it EPIC. It's not an acronym and we never capitalize it in hyperspace. It's just Epic.
Click to expand...
Looks like we're about to test those backup procedures in a live situation. I pray they're as good as they're supposed to be. And they probably will be but you never really know until something like this happens.
 
skip dog

skip dog

Senior
Nov 15, 2005
1,122
710
93
Cyber attacks like this and our power infrastructure are probably our greatest vulnerabilities...... WE really need to buckle down as a country on protecting from this.

This is our level 1 trauma center and it is shut down........... there is some serious pediatric care (just to name one element) that occurs in that facility, and this is dangerous
 
  • Like
  • Angry
Reactions: MagnoliaHunter, greenbean.sixpack, DawgInThe256 and 1 other person
ckDOG

ckDOG

All-American
Dec 11, 2007
9,981
5,795
113
GloryDawg said:
I would hate to be the employee who opened up that link. Wait it's a state employee.
Click to expand...
You'd be surprised sophisticated scams are now. Even in the hiring world bots can get through application and phone screening. Some have even hired them. Once the person behind the bot gets inside the firewall they'll wreck ****. Weird world out there...
 
LandArchDawg

LandArchDawg

Junior
Sep 14, 2003
2,542
206
63
GloryDawg said:
I would hate to be the employee who opened up that link. Wait it's a state employee.
Click to expand...
It was probably a 60+ year old admin who thought she was clicking a cute cat video or thought she really won a lottery. They ruin it for the rest of us when we have to use multi-factor logins to access or share anything at work, and the security VPN slows production down.
 
  • Like
Reactions: stateu1, greenbean.sixpack and GloryDawg
ckDOG

ckDOG

All-American
Dec 11, 2007
9,981
5,795
113
CEO2044 said:
I hate that for UMMC. My mind will never wrap around how scummy some people are.
Click to expand...
I work for a kids hospital. I get scam attempts all the time. Nobody is off limits. We have great education and prevention efforts but it's only a matter of time before awful people succeed at ripping off their target.
 
  • Like
Reactions: HRMSU
HailStout

HailStout

Heisman
Jan 4, 2020
5,249
14,809
113
I’ve worked at a hospital where this has happened before. The guy’s holding the Information hostage really do operate like a business. They will give previous times that they have hacked systems so you can look and see that they did indeed restore service once they receive the money. There is very oddly open lines of communication between the hospital and the thieves. It’s weird.These are smart people. Evil, but smart.
 
P

patdog

Heisman
May 28, 2007
56,611
25,907
113
LandArchDawg said:
It was probably a 60+ year old admin who thought she was clicking a cute cat video or thought she really won a lottery. They ruin it for the rest of us when we have to use multi-factor logins to access or share anything at work, and the security VPN slows production down.
Click to expand...
Honestly, it could happen to anybody. I don't care how careful you are, all it takes is one mistake. Don't be overconfident. But yeah, some are much more likely than others.
 
  • Like
Reactions: HRMSU, CEO2044 and dorndawg
C

CEO2044

Senior
May 11, 2009
1,823
470
83
ckDOG said:
I work for a kids hospital. I get scam attempts all the time. Nobody is off limits. We have great education and prevention efforts but it's only a matter of time before awful people succeed at ripping off their target.
Click to expand...
Oh, I know. I work in healthcare too, and I know that this can happen. It's just hard for me to believe sometimes how truly evil people can be in the pursuit of money.
 
  • Like
Reactions: MagnoliaHunter and ckDOG
D

DT4248

Senior
Apr 22, 2025
560
704
93
Pars said:
Why couldn’t they just hit the billing department?
Click to expand...
Most of the money a hospital gets is from insurance not self pay - attack the insurance companies is a better ask.
patdog said:
Looks like we're about to test those backup procedures in a live situation. I pray they're as good as they're supposed to be. And they probably will be but you never really know until something like this happens.
Click to expand...
I mean this is not even the first one in the State of Mississippi in the past two months. There are constant threats and being someone who dealt with Red Saturday at Singing River a few years ago - the backups and defense fortifications on the IT side have become great. Hell just look at the difference in how SRHS handled that attack vs. their most recent one.

Downtime Prevention is at the forefront of most everyone's minds these days (when it's not clogged with AI automation)
 
  • Like
Reactions: DoggieDaddy13 and patdog
Car Ramrod.sixpack

Car Ramrod.sixpack

Senior
Sep 21, 2017
883
622
93
A family member of mine was a military manufacturing contractor and was hit with a ransomware attack via email from a vendor. He said they could see the hackers changing the folders in real time until he walked over and pulled the modem out of the server cabinet. He had everything backed up to a separate server onsite so they did not loose anything and told the hackers to get bent.

The real PIA was when the DOD found out about it thru the vendor where the email originated from. They had the CIA and FBI show up at their facility to investigate.
 
Car Ramrod.sixpack

Car Ramrod.sixpack

Senior
Sep 21, 2017
883
622
93
skip dog said:
Cyber attacks like this and our power infrastructure are probably our greatest vulnerabilities...... WE really need to buckle down as a country on protecting from this.
Click to expand...
Cyber security in in the power-gen industry is no joke. Every time I apply for access to a plant there is at least one hour of cyber security training. The biggest threat at plants now are unsecured digital media devices. Before you can use one they have to be cleared by IT security or be issued one by IT.

There have been instances where someone picks up a thumb drive at conference form a booth that has been corrupted by a third party. Once they plug it into a computer in the plant the whole system is infected.
 
  • Wow
Reactions: skip dog
P

Pink Floyd.sixpack

Junior
Aug 22, 2012
326
299
63
DT4248 said:
It is backed up heavily with daily copy down environment, weekly copy down environment, shadow live reporting environment, and more.

Source: I know Judy hates when people call it EPIC. It's not an acronym and we never capitalize it in hyperspace. It's just Epic.
Click to expand...
My bad. Industry I am in used a management system called EPIC that I believe is an acronym. So used to typing it in all caps that I guess old habits snuck in.
 
  • Haha
Reactions: DT4248
BossDawg78

BossDawg78

Senior
Jan 25, 2015
3,777
971
113
Hugh's Burner Phone said:
I've heard they deleted all patient info. You don't 17 with people's health. Hope that dick gets life in prison.
Click to expand...

I hope not. My doctor that did my cervical fusion is down there. Dr. Joaquin Hidalgo, an awesome neurosurgeon. I was having paralysis and he found the problem in my neck. After my fusion I haven't had any problems. During a CT scan of my neck he incidentally found a brain tumor and ended up removing that too. I've been getting MRI's for follow-ups and if that's true, I guess those scans are gone?
 
  • Like
Reactions: peewee.sixpack
Wesson Bulldog

Wesson Bulldog

All-Conference
Nov 3, 2015
1,565
1,877
113
They sure could have used this today
large GIF
 
  • Like
Reactions: Darryl Steight
D

DoggieDaddy13

All-Conference
Dec 23, 2017
3,428
1,788
113
CEO2044 said:
Oh, I know. I work in healthcare too, and I know that this can happen. It's just hard for me to believe sometimes how truly evil people can be in the pursuit of money.
Click to expand...
It's just business. illegal? Sure.

But it's still business and if it weren't so profitable, they wouldn't be doing it.
 
KentuckyDawg13

KentuckyDawg13

Senior
Aug 15, 2006
1,913
541
113
As an I/T person that works within the Epic framework, I can honestly say that all the medical/patient information is backed up routinely. There are various ways to restore from something like this, as my hospital network was affected a couple of years ago by some ransomware d/ckheads. We told them to f*ck off and did a complete restore once the hack was discovered.
 
  • Like
Reactions: Maroon Eagle and skip dog
greenbean.sixpack

greenbean.sixpack

All-American
Oct 6, 2012
8,761
8,025
113
CEO2044 said:
It's just hard for me to believe sometimes how truly evil people can be in the pursuit of money.
Click to expand...
First day on earth? This wouldn’t even rank in the top 1000 evil things done today in the pursuit of money.

If someone truly needed life saving surgery immediately, they could probably do it and if not there’s two better hospitals within a mile (and the VA, but I wouldn’t classify it as “better”).
 
  • Like
Reactions: JY1947
C

CEO2044

Senior
May 11, 2009
1,823
470
83
DoggieDaddy13 said:
It's just business. illegal? Sure.

But it's still business and if it weren't so profitable, they wouldn't be doing it.
Click to expand...
What does that have to do with how evil they are?
greenbean.sixpack said:
First day on earth? This wouldn’t even rank in the top 1000 evil things done today in the pursuit of money.

If someone truly needed life saving surgery immediately, they could probably do it and if not there’s two better hospitals within a mile (and the VA, but I wouldn’t classify it as “better”).
Click to expand...
Nope. It will just always be hard for me to believe. I have a pretty high moral code, though. It will always bother me.
 
  • Like
Reactions: MagnoliaHunter
Bulldog Bruce

Bulldog Bruce

All-American
Nov 1, 2007
4,688
5,178
113
why would email and any outside communicating system be connected to the working/patient system? I don't think it is a secret, but when I have dealt with secure government systems there is a high side and a low side and they NEVER intersect. That's how hospitals that are required to have HIPPA protections should be.
 
  • Like
Reactions: MagnoliaHunter and jethreauxdawg
onewoof

onewoof

Heisman
Mar 4, 2008
14,832
12,915
113
Bulldog Bruce said:
why would email and any outside communicating system be connected to the working/patient system? I don't think it is a secret, but when I have dealt with secure government systems there is a high side and a low side and they NEVER intersect. That's how hospitals that are required to have HIPPA protections should be.
Click to expand...
always hosted remotely "in the cloud" and all it takes is someone calling in to a person and claiming to be someone internal needing a password reset, etc to get access to do terrible things.
 
Bulldog Bruce

Bulldog Bruce

All-American
Nov 1, 2007
4,688
5,178
113
onewoof said:
always hosted remotely "in the cloud" and all it takes is someone calling in to a person and claiming to be someone internal needing a password reset, etc to get access to do terrible things.
Click to expand...
and that's dumb too. I have been working in secure systems for 40+ years and yes you have to protect against stupid. Which is usually people. If a cloud company does stuff like that, they need to be exposed and go out of business.
 
  • Like
Reactions: MagnoliaHunter
You must log in or register to reply here.