UHS Hit by Massive Cyberattack

Universal Health Services (NYSE: UHS) has taken its IT network offline at US facilities following a “security incident caused by malware,” the company announced Tuesday. 

Meanwhile, NBC News reported that the hospital company is the victim of “what appears to be one of the largest medical cyberattacks in United States history.”

Headquartered in King of Prussia, Pennsylvania, UHS has 328 behavioral health facilities spread across the US, Puerto Rico and the United Kingdom. It also has 26 acute care hospitals, 42 outpatient facilities and ambulatory care access points, an insurance offering, a physician network and other related service offerings.


The security attack occurred on the early morning of Sept. 27, according to a UHS press release. It caused the company to shut down all its networks across the US, while UK facilities were not effected.

While the attack may cause temporary disruptions to clinical and financial operations at UHS, the company continues to deliver patient care “safely and effectively,” the press release said. Plus, the company has “no evidence” that any patient or employee information was “accessed, copied or misused.”

UHS is working with its security partners to safely get its IT operations back up and running. In the meantime, its facilities are using back-up methods to communicate patient information, including offline, pen-to-paper documentation.


As of Tuesday evening, some UHS applications had already started to come back online.

Companies featured in this article: