Ransomware incidents in 2025–2026 caused major operational disruptions across healthcare, finance, and manufacturing—most notably taking the University of Mississippi Medical Center’s Epic EHR offline and crippling BridgePay’s payment network. The shift to double- and multi-extortion tactics, the emergence of dozens of new ransomware groups, and AI-enabled tools have made data-neutralizing encryption and process-based access controls like D.AMO critical for blocking attacks and enabling rapid recovery. #UMMC #BridgePay
Keypoints
- The UMMC ransomware attack took Epic offline across 35 clinics and 200+ telehealth sites, delaying chemotherapy and surgeries.
- Publicly disclosed ransomware incidents rose 49% year-over-year in 2025, reaching 1,174 confirmed attacks.
- Double extortion combines data exfiltration with encryption, forcing victims to pay to avoid public exposure of stolen files.
- Backups alone are insufficient since attackers can weaponize exfiltrated data, requiring solutions that render stolen data unreadable and block file access.
- D.AMO offers folder-level kernel encryption, process-based access control, and independent backup recovery to defend against multi-extortion ransomware.