United Health Services Inc., a leading healthcare provider in the U.S., has been hit by a ransomware attack that forced systems offline in multiple states.

According to CNBC, the hospital chain is described as being hit by “what appears to be one of the largest medical cyberattacks in United States history.” The extent of the ransomware attack is not clear, but various UHS hospitals apparently have had to resort to filing patient information with pen and paper.

UHS has still not provided full details of the attack. In a statement Monday, the company said its information technology network facilities were offline “due to an IT security issue.”

“We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible,” UHS said. “In the meantime, our facilities are using their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively.”

The company went on to claim “no patient or employee data appears to have been accessed, copied or misused.” It’s 2020 and it has seemingly been targeted in a ransomware attack in an age when stealing data is typical in ransomware attacks, so there’s reason to be skeptical of its claim.

Given that it’s claimed that UHS hospitals in California have been targeted, the clock is ticking on its legal requirement to disclose the potential data theft under the California Consumer Privacy Act that came into force at the beginning of this year.

“The Universal Health Services attack demonstrates the growing threat ransomware poses, especially to highly regulated industries,” Sanjay Jagad, senior director of products and solutions at enterprise data storage firm Cloudian Inc., told SiliconANGLE. “In these cases, extremely sensitive customer data and an organization’s reputation are at stake.”

The problem, he added, is that perimeter security solutions inevitably fall short against increasingly sophisticated ransomware attacks. “To truly safeguard themselves, organizations must instead protect data at the storage layer,” Jagad explained. “The easiest way to do this is to keep a backup data copy on immutable storage: once written, the backup cannot be changed or deleted for a specific period. This prevents malware from being able to encrypt the data and lock the victim out. If a ransomware attack occurs, organizations can restore an unencrypted copy of the data via a simple recovery process. In the past you needed specialized storage devices to get this feature.”

Photo: UHS