CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Multi-extortion ransomware attacks surge in 2025-2026 with healthcare, finance, and manufacturing sectors heavily impacted

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Multi-extortion ransomware campaigns have escalated into a dominant threat model by 2026, combining data encryption with direct exfiltration, customer coercion, and operational disruption. In February 2026, the University of Mississippi Medical Center (UMMC) experienced a ransomware attack that disrupted Epic EHR systems across 35 clinics and 200+ telehealth sites, forcing chemotherapy cancellations and non-emergency surgery postponements. The healthcare sector alone saw 93% of U.S. organizations reporting at least one cyberattack in 2025, with 72% indicating direct patient care disruption, while payment processor BridgePay suffered a February 2026 incident that took payment APIs, terminals, and pages offline. Publicly disclosed ransomware attacks surged 49% year-over-year in 2025 to 1,174 confirmed incidents, reflecting the rapid evolution of ransomware from simple encryption to multi-stage extortion tactics leveraging data theft, operational sabotage, and reputational leverage.

Timeline

  1. 03.04.2026 17:05 1 articles · 2h ago

    Multi-extortion ransomware campaigns escalate with healthcare and financial sector disruptions in early 2026

    In February 2026, the University of Mississippi Medical Center (UMMC) suffered a ransomware attack that disrupted Epic EHR systems across 35 clinics and 200+ telehealth sites, forcing chemotherapy cancellations and postponing non-emergency surgeries. At the same time, payment processor BridgePay experienced a ransomware incident that rendered payment APIs, terminals, and pages inoperable across downstream systems. These incidents follow the documented surge in ransomware activity, with 1,174 publicly disclosed attacks in 2025, and reflect the growing operational impact of multi-extortion tactics combining encryption, data theft, and customer coercion.

    Show sources
    Open in new tab

Information Snippets

  • In February 2026, the University of Mississippi Medical Center (UMMC) suffered a ransomware attack that disrupted Epic electronic health record systems across 35 clinics and over 200 telehealth sites, resulting in canceled chemotherapy appointments and postponed non-emergency surgeries.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • 93% of U.S. healthcare organizations reported at least one cyberattack in 2025, with 72% indicating the incident directly disrupted patient care.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • Payment processor BridgePay experienced a February 2026 ransomware attack that rendered APIs, virtual terminals, and payment pages completely offline.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • Publicly disclosed ransomware attacks increased 49% year-over-year in 2025, reaching 1,174 confirmed incidents.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • Double extortion ransomware involves exfiltrating sensitive data prior to encryption, applying pressure via potential public exposure in addition to encryption demands.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • Triple extortion adds direct extortion pressure on a victim’s customers or partners to increase coercion effectiveness.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources

  • As of 2025, 124 active ransomware groups were identified, with 73 newly emerged entities reflecting a lowered barrier to entry due to AI-powered tools.

    First reported: 03.04.2026 17:05
    1 source, 1 article
    Show sources