Ascension Data Breach: Health System Says Clinical Operations Disrupted
The nonprofit and Catholic health system said that on May 8 it ‘detected unusual activity on select technology network systems.’
Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C., said that its clinical operations were disrupted after it discovered “unusual activity” on some of its network systems Wednesday.
The nonprofit and Catholic health system said that on May 8 “we detected unusual activity on select technology network systems, which we now believe is due to a cyber security event. At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts.”
Ascension also said it is using security vendor Mandiant “to assist in the investigation and remediation process, and we have notified the appropriate authorities.” The organization said that it was investigating what information “if any” may have been affected by the breach.
[RELATED STORY: Analysis: Change Healthcare Attack Shows What Happens When Cybersecurity Is Ignored In M&A]
“Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines,” the nonprofit said.
Ascension says it has 134,000 associates, has 35,000 affiliated providers and operates 140 hospitals.
An Ascension spokesperson sent CRN the same statement the organization posted earlier Wednesday. “This is an ongoing situation and we will provide updates as we learn more,” the spokesperson said in the statement.
The latest breach comes on the heels of other prominent healthcare-related cybersecurity incidents over the last couple years.
In February, a cyberattack against a unit within UnitedHealth Group subsidiary Optum, Change Healthcare, led to major disruptions for U.S. pharmacies and patients, according to reports. The attack forced UnitedHealth to pay a $22 million ransom and admit that a lack of multifactor authentication on a Change Healthcare server enabled the attack to succeed.
In January 2023, Lehigh Valley Health Network in Pennsylvania was hit by a cybersecurity attack by the ransomware gang known as BlackCat. In that attack, more than 2,700 people reportedly were affected by the hack, which included the subsequent leak of nude photos and personal information of cancer patients.
Last month, the U.S. Department of Health and Human Services warned the health sector that threat actors were “employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access to target organizations.” According to the alert, organizations should use Microsoft Authenticator with number matching and remove SMS as an MFA verification option, among other directives.