Medusa ransomware gang claims attacks on prominent Mississippi hospital, New Jersey county

Summary

The Medusa ransomware operation has claimed responsibility for cyberattacks on the University of Mississippi Medical Center (UMMC) and New Jersey’s Passaic County. UMMC — the state’s largest hospital system and sole provider of several critical services — was forced to operate offline for nine days, shifting clinical workflows to paper and analogue processes while FBI and DHS assisted the recovery. The hospital reopened on 2 March. Medusa has demanded an $800,000 ransom and threatened to publish stolen data by 20 March.

Passaic County, home to nearly 600,000 residents, experienced a malware incident that disrupted phone lines and government IT systems; Medusa also demanded $800,000 there. Cyber analysts tie Medusa to Russia-based operations, citing language use, forum behaviour and targeting patterns. The group has been active since 2021 and has repeatedly attacked healthcare and municipal organisations across the US.

Key Points

  • Medusa claims responsibility for attacks on UMMC and Passaic County, New Jersey.
  • UMMC was offline for nine days; clinics were closed and staff operated systems with pen-and-paper workarounds.
  • Both incidents involved ransom demands of $800,000 and threats to leak stolen data.
  • Federal agencies (FBI and DHS) assisted UMMC’s recovery effort; the hospital fully reopened on 2 March.
  • Security researchers associate Medusa with Russia due to language, forum activity and target selection.
  • Medusa has a history (since 2021) of targeting healthcare providers and municipal governments in the US.

Why should I read this?

Because this isn’t just another cyber story — it’s the one where a major hospital and a big county were forced back to paper. If you care about service availability, patient safety, or how public services cope under attack, this is worth a quick skim. We read it so you don’t have to — but you should know the ransom size, the recovery timeline and that Medusa keeps coming after health and local government targets.

Context and Relevance

Punchy author take: this matters. Attacks on critical healthcare infrastructure show attackers still prioritise high-impact targets that can cause real-world harm and pressure victims to pay. The simultaneous focus on municipal services underlines a broader trend: ransomware groups pursuing both financial gain and maximum disruption. For CISOs, hospital executives and local government IT leads, the incidents underline the need for tested offline procedures, rapid incident response, and robust backups.

This story is relevant to anyone monitoring cyber risk trends — particularly in healthcare and public sector contexts — because it highlights operational impacts (clinics closed, analogue workarounds), the scale of ransom demands, and ongoing attribution indicators pointing to Russia-linked actors. Expect increased scrutiny of resilience measures and possible follow-on disclosures if leaks occur.

Source

Source: https://therecord.media/medusa-ransomware-mississippi-cyber