Since the original article, hackers have expanded their targets beyond hospitals to educational platforms and healthcare contractors. Instructure negotiated a deal with the ShinyHunters hacking group to prevent a Canvas learning platform data leak affecting millions of students and teachers, while separately, a data breach at Conduent (a company that handles administrative services for states) prompted Missouri regulators to investigate the company's response to a HIPAA violation (a federal law protecting patient and health information privacy).
Since the original article, the Medusa ransomware gang has claimed responsibility for attacks on specific targets including the University of Mississippi Medical Center and a New Jersey county, demonstrating the real-world scope of these threats. A former FBI official has now called for the government to designate ransomware hackers targeting hospitals as terrorists, which would impose stricter legal penalties and law enforcement responses. Additionally, concerns have emerged that a government shutdown could further weaken hospital cybersecurity defenses at a critical time.
A dangerous hacking group called Medusa just attacked a major Mississippi hospital and a New Jersey county. Here's what that means: hackers used ransomware (a type of virus that locks your files until you pay money) to freeze the hospital's entire computer system. Patients couldn't access their medical records. Doctors couldn't see test results. Everything stopped.
Think of ransomware like a burglar chaining your front door shut and demanding cash before you can leave your house.
The Medusa gang claimed they stole patient information—names, medical histories, social security numbers—from the University of Mississippi Medical Center. They're threatening to sell this data online unless the hospital pays them. A New Jersey county government also got hit the same way.
An ex-FBI official now wants the government to treat ransomware attackers like terrorists. Why? Because hospitals aren't just businesses—people's lives depend on them working properly.
Here's the real problem: the government shutdown is making hospitals less prepared to defend themselves. When cybersecurity funding gets cut, hospitals can't hire experts or update their defenses. It's like leaving your doors unlocked during a crime wave.
What you should do right now:
If you use a hospital in Mississippi or New Jersey, assume your data might be exposed. Watch your credit reports for fraud. Consider freezing your credit with the three major agencies (Equifax, Experian, TransUnion)—it's free and stops criminals from opening accounts in your name. Ask your hospital what they're doing to protect patient information. Don't click suspicious email links, even if they claim to be from your doctor's office. Hackers use fake emails to spread ransomware.
Your healthcare data is worth more money to criminals than your credit card number. Protect it like you'd protect your house keys.