Ransomware

UVM Medical Center DoppelPaymer Ransomware Attack — 20 Hospitals Affected

📅 2020-10-28 🏢 University of Vermont Health Network IT infrastructure (6-hospital network) 🦠 DoppelPaymer ransomware

Incident Details

On 28 October 2020, the University of Vermont Medical Center (UVMMC) and its University of Vermont Health Network — encompassing six hospitals and approximately 1,000 providers across Vermont and upstate New York — were struck by a DoppelPaymer ransomware attack that disabled critical patient care systems including Epic EHR, payroll, and telephone systems. The attack forced hospitals to revert to paper-based procedures for weeks. The UVM Medical Center in Burlington was most severely impacted; cancer treatment schedules were disrupted, chemotherapy appointments were cancelled, and staff were unable to access patient records. Recovery took approximately a month. The attack was part of a coordinated US Health and Human Services (HHS) warning in October 2020 of an ‘imminent and increased cybercrime threat’ to US hospitals, alongside similar attacks on Sky Lakes Medical Center (Oregon) and St. Lawrence Health System (New York) in the same week. The FBI and CISA issued a joint advisory (AA20-302A). The full recovery cost for UVM Health Network was estimated at over $63 million, including lost revenue and remediation costs — one of the most costly ransomware incidents in US healthcare history. Federal investigators identified the attackers as a group using Trickbot malware infrastructure linked to Russian-speaking cybercriminals.

Technical Details

Initial Attack Vector: The DoppelPaymer ransomware group gained initial access via a phishing email delivering the Emotet banking trojan, which subsequently dropped the Ryuk precursor; the attack targeted the University of Vermont Medical Center and its health network affiliate hospitals simultaneously.
Vendor / Product: University of Vermont Health Network IT infrastructure (6-hospital network)
Malware Family: DoppelPaymer ransomware

Timeline

  1. 2020-10-28 Breach occurred
  2. 2020-10-29 Publicly disclosed