Ascension Says Medical Information Stolen In Attack, 5.6M Affected

The data was stolen in connection with a May ransomware attack that disrupted clinical operations.

The Ascension health system disclosed Thursday that patient medical data was stolen in connection with a May ransomware attack that disrupted clinical operations.

In a disclosure posted by the Maine attorney general website, Ascension Health said the breach affected roughly 5.6 million individuals.

CRN has reached out to Ascension Health for further comment.

The attack, which began when an employee inadvertently downloaded malware, forced St. Louis-based Ascension to divert emergency care from some of its hospitals.

In a sample letter to affected Maine residents, Ascension said that cybercriminals also “obtained a copy of certain files containing personal information of Ascension patients and employees” between May 7 and 8.

The types of impacted data included medical information such as “medical record number, date of service, types of lab tests, or procedure codes,” Ascension said.

Other affected data may have included credit card or bank account numbers, insurance information such as Medicaid/Medicare ID or policy number, Social Security number, tax identification number, driver’s license number and passport number—as well as “other personal information” that might include date of birth or address, the health system said.

“The particular type of information involved, however, varied by individual,” Ascension said in the sample letter.

In May, CNN reported that the cyberattack showed signs of involvement from the Russian-linked cybercriminal group known as Black Basta.

At the time, the nonprofit Health Information Sharing and Analysis Center (H-ISAC) sent out an alert to its health sector member organizations saying that Black Basta “has recently accelerated attacks against the healthcare sector.”