💰🗃️

Ascension Healthcare Security Incident

May 8, 2024 502 days ago Resolved

Incident Overview

Situation Description

Ascension Healthcare experienced a ransomware attack that led to the theft of patient data and the shutdown of critical systems.

Event Types

Ransomware Data Breach

Industry Sector

Healthcare

Geographic Scope

National (US)

Response Actions

Isolated Compromised Systems Notified Law Enforcement Engaged Third-Party Forensic Investigators

Impact Analysis

Event Types (2 identified)

Ransomware Data Breach

Financial Impact

$0 USD

Records Affected

Data Types Compromised

PII (Personally Identifiable Information) PHI (Protected Health Information)

Primary Impacts

Operational Disruption Data Exposure

Key Decisions Made

Ascension Healthcare took steps to contain the impact of the cyberattack.; Ascension Healthcare notified the FBI and CISA about the incident.; Ascension Healthcare engaged cybersecurity firm Mandiant to assist with the investigation.

Technical Analysis

Attack Method

Unknown

Threat Actor Attribution

Black Basta

Additional Information

Class action lawsuit alleges Ascension Healthcare failed to adequately protect patient information allowing Russian hackers to steal patient data. A class action lawsuit was filed in the wake of Ascension Healthcares recent announcement that it has fallen victim to a ransomware attack. Ascension, one of the largest nonprofit Catholic health systems in the United States, employs approximately 134,000 associates, has 35,000 affiliated providers and operates 140 hospitals. This latest attack, according to industry analysts, has all the hallmarks of a similar attack earlier this year against Change Health, a division of UnitedHealth Group. That attack forced United Health to pay a $22 million ransom and admit that a lack of multifactor authentication on a Change Healthcare server enabled the attack to succeed. Initial reports are that the attack paralyzed Ascensions systems, forcing it to shut down its electronic health records system and to divert emergency care at some of its hospitals. The attack also shut down its telephone systems, MyChart patient portal electronic ordering for tests and medications. Progress is slowly being made to restore its systems but the process, according to the St. Louis-bases health system, will take time to complete. You can read the latest company update here . What Happened? It is still very early on in the investigation but what is known so far is that on May 8, 2024 Ascension initially detected unusual activity on select technology network systems. It immediately took steps to contain the impact of the cyberattack and notified the FBI and the U.S. Cybersecurity and Infrastructure Security Agency ( CISA ). It also brought in cybersecurity services firm, Mandiant , to assist with the investigation. Security experts have likened recent hospital data breaches to car owners leaving their keys on the seat with the door unlocked. At issue is the American Hospital Association supports voluntary cybersecurity goals and has pushed back...

... (truncated for display)

Quick Facts

Company:: Ascension Healthcare
Date:: May 8, 2024
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: nan

Source Information

Original Query

healthcare provider ransomware attack "patient data" "notification letter"

View Original Source

Timeline

Information Published

nan

Incident Occurred

May 8, 2024 (502 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats