
Ascension Says Personal, Health Information Stolen in Ransomware Attack

Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.

US healthcare organization Ascension this week revealed that personally identifiable information (PII) and protected health information (PHI) of an unknown number of patients were stolen in a recent ransomware attack.

Disclosed on May 10, the incident caused disruptions to Ascension’s electronic health record (EHR) system, MyChart, phone systems, and systems used to order medication, procedures, and tests, and forced the company to divert patients at some hospitals.

The healthcare organization launched an investigation into the attack, notified the relevant authorities, and began the restoration and remediation process. By June 11, the company had restored EHR access in 11 states, aiming to restore it across its entire network by June 14.

“However, please note that medical records and other information between May 8th and the date of local EHR restoration may not be accessible as we work to upload the information collected during the system downtime,” the healthcare giant said in an updated incident notice.

In a subsequent update, Ascension noted that its investigation into the attack has determined that the attackers exfiltrated files from seven servers of the roughly 25,000 running across its network.

“Though we are still investigating, we believe some of those files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for certain individuals, although the specific data may differ from individual to individual,” the company said.

According to Ascension, there is no evidence that data was stolen from EHR or other clinical systems, which store full patient records.

“Right now, we don’t know precisely what data was potentially affected and for which patients. In order to reach those conclusions, we need to conduct a full review of the files that may have been impacted and carefully analyze them. While we have started this process, it is a significant undertaking that will take time,” the healthcare provider said.


The company is providing free credit monitoring and identity theft protection services to all patients and associates who request them, even if the investigation determines that they were not impacted by the incident.

“We encourage all Ascension patients and staff who are concerned to take advantage of these services. We want to be clear, however, that this offer does not mean we have determined that any specific individual patient’s data has been compromised,” Ascension notes.

The company also revealed that the incident was the result of an individual at one of its facilities downloading a file they did not know was malicious.

A non-profit organization, Ascension runs one of the largest healthcare systems in the US, which includes hundreds of hospitals and 40 senior living facilities.


Written By

Ionut Arghire is an international correspondent for SecurityWeek.

