The University of Mississippi Medical Center has shut down all 35 clinics statewide following a ransomware attack that hit Thursday. This isn't just a data breach - it's people unable to get medical care.

The attack compromised UMMC's Epic electronic health records system, IT network, and phone systems. Staff have switched to paper documentation. Chemotherapy appointments are canceled. Elective procedures are on hold. The emergency department is still running, but that's about it.

"To use a medical phrase - we have stopped the bleeding," said UMMC Vice Chancellor LouAnn Woodward. But she also admitted that "the extent and the scope of the intrusion is still not fully understood."

That's the terrifying part. They don't know how deep the attackers got or what else might be compromised. The FBI's Jackson field office has surged resources to help with recovery, and the attackers have reportedly been in communication with hospital officials.

Healthcare ransomware attacks have moved from theoretical cybersecurity threat to life-threatening emergency. Every day UMMC's systems are down, patients can't get prescriptions refilled. Surgeries are postponed. Cancer treatments are delayed. The human cost is immediate and measurable.

I've seen what it takes to recover from a major security incident. It's not a matter of hours or even days. Health systems need to verify that every compromised system is clean, restore from backups, and ensure attackers don't still have access. That process, done properly, takes weeks.

Meanwhile, patients are stuck. UMMC says they're prioritizing time-sensitive care and allowing people to reschedule appointments. But "time-sensitive" is doing a lot of work in that sentence. Cancer treatment is time-sensitive. Diabetes management is time-sensitive. Cardiac follow-ups are time-sensitive.

The attackers likely targeted healthcare specifically because it's a pressure situation. Hospitals can't just stay offline for months while they rebuild infrastructure. Lives are literally at stake. That urgency makes organizations more likely to pay ransoms.

But paying doesn't solve the underlying problem: healthcare IT security is catastrophically underfunded relative to the threat. Hospitals run legacy systems because replacing them is expensive and disruptive. They patch slowly because downtime affects patient care. And they're staffed by IT teams who are already stretched thin.