A notorious cybercriminal organization has claimed responsibility for major ransomware attacks targeting the primary medical center in Mississippi and a high-population county in New Jersey. These incidents forced critical infrastructure to go offline, disrupting essential healthcare services and government operations while the attackers demanded substantial ransom payments.

The Medusa ransomware group, a gang widely believed to operate out of Russia, recently announced its involvement in a cyberattack against the University of Mississippi Medical Center. As the state’s premier healthcare provider, the institution supports ten thousand employees and manages the region’s only Level I trauma center and specialized pediatric facilities. The attack severely hindered the medical center's ability to provide care, highlighting the vulnerability of critical health infrastructure to international digital threats.

The intrusion caused a total blackout of the organization’s digital systems for over a week in late February, compelling medical staff to revert to manual record-keeping and analog tools. Essential services, such as cancer infusion treatments, faced significant scheduling disruptions, while various units managed patient care using paper and pen. Despite these challenges, staff members worked to establish offline clinics and secure alternative ways to access necessary data to maintain life-saving operations during the outage.

While the main hospital and emergency rooms stayed open, the medical center was forced to shut down thirty-five separate clinic locations throughout the recovery process. Federal investigators from the FBI and the Department of Homeland Security were called in to assist with the technical restoration of the network. Although the facilities fully reopened in early March, the hackers have since demanded an eight-hundred-thousand-dollar payment and threatened to release stolen sensitive data if their terms are not met.

Technical experts link the Medusa group to Russia because the hackers avoid targeting former Soviet territories and utilize Russian-language forums and scripts in their coding. Since its emergence several years ago, the group has gained a reputation for aggressively targeting American municipal governments and healthcare providers. Their operational pattern involves exfiltrating data and using the threat of public exposure to pressure victims into paying large sums of money.

The gang's reach extended to New Jersey this week as they claimed a separate attack on Passaic County, a region serving hundreds of thousands of residents. This incident mirrored the Mississippi attack with a similar ransom demand of eight-hundred-thousand dollars following a period of technical chaos. The county government confirmed that its phone lines and information technology systems were crippled by the malware, marking yet another escalation in the group's campaign against public institutions.

Source: Medusa Ransomware Gang Claims Attacks on Mississippi Hospital and New Jersey County