Vanderbilt University Medical Center impacted by cybersecurity incident

Vanderbilt University Medical Center (VUMC), a healthcare institution that operates seven hospitals and other facilities across Nashville, Tennessee, is investigating a cybersecurity incident. VUMC is one of the largest employers in the state, with a capacity exceeding 1,700 hospital beds.

This incident resulted in unauthorized access to a database within their extensive system, which provides medical services to over three million patients annually and employs around 40,000 staff members.

VUMC's name appeared on the leak site of the Meow ransomware gang on Thanksgiving day. The Meow ransomware gang is a relatively new and emerging threat. This ransomware group is believed to have evolved from the now-defunct Conti ransomware operation, which disbanded following internal conflicts regarding the group's stance on Russia's military actions in Ukraine.

A representative from VUMC has confirmed the cyber incident, yet has refrained from providing specific details, about the exact date of the incident, the nature of the cyberattack, and the consequent operational impacts. VUMC claims that the initial findings from their investigation concludes that the compromised database did not contain any sensitive personal or protected information concerning patients or VUMC employees.