Universal Health Services, which operates six hospitals in the Las Vegas Valley, said Tuesday that its computer networks remained shut down after what it confirmed was a cyberattack on Sunday.
“The cyber attack occurred early Sunday morning, at which time the company shut down all networks across the U.S. enterprise,” UHS said in a statement. It operates more than 400 hospitals and clinical care facilities across the U.S. and United Kingdom.
The networks remained offline as the company “works through a security incident caused by malware,” software designed to gain unauthorized access and damage a network.
Valley Health System facilities include Centennial Hills Hospital Medical Center, Desert Springs Hospital Medical Center, Henderson Hospital, Spring Valley Hospital Medical Center, Summerlin Hospital Medical Center and Valley Hospital Medical Center.
Late Tuesday, Valley Health System spokeswoman Gretchen Papez confirmed that the networks in Las Vegas remained down.
UHS reiterated that it had no indication that “any patient or employee data had been accessed, copied or misused.” It said its U.K. operations had not been affected.
The company said that it was “making steady progress with recovery efforts,” and that certain applications had begun to come back on line.
In the meantime, it said its facilities were using “established back-up processes including offline documentation methods.”
John Riggi, senior cybersecurity adviser to the American Hospital Association, on Monday called the incident a “suspected ransomware attack,” in which hackers infect networks with malicious code that scrambles data and then demand payment to restore services.