Nearly 6 million people exposed by massive healthcare breach — including credit cards, SSNs and more


A disastrous cybersecurity breach earlier this year at one of the largest healthcare systems in the United States left the sensitive data of 5.6 million patients and employees exposed.

A Feb. 29, 2024 ransomware attack at Ascension Health, which operates roughly 140 hospitals, 40 senior care facilities and 175,000 associated providers across the nation, wasn’t discovered until May 8th, when it disrupted operations and forced hospitals to fall back on manual, paper-based processes while computer and phone systems were shut down.

Ascension Health handles over 16 million patient visits annually. It reported that, though the data involved will vary and cannot be confirmed for each individual, it may include any of the following:

  • Medical information such as medical record numbers, dates of service, types of lab tests or procedure codes
  • Payment information, such as credit card information or bank account numbers
  • Insurance information such as Medicaid or Medicare ID numbers
  • Policy numbers or insurance claims
  • Government identification such as Social Security numbers, tax ID numbers, driver's license or passport numbers
  • Personal information including dates of birth or addresses

The organization has now begun notifying the 5,599,699 potentially affected patients and employees as the data review is being completed. Affected individuals should expect to receive notice letters within the next 2-3 weeks, and Ascension will be offering 24 months of credit and CyberScan monitoring, as well as a $1,000,000 insurance reimbursement policy and fully managed ID theft recovery services.

In an announcement, Ascension said “although patient data was involved…there remains no evidence that data was taken from our Electronic Health Records (EHR) and other clinical systems, where our full patient records are securely stored.”

Ascension has also stated that since the attack it has successfully “restored all systems, clinical functions, and Electronic Health Record access that were impacted by the incident,” which had left hospitals in chaos as they attempted to treat patients while computers and phone lines were down.

The initial breach was caused by an employee accidentally downloading a malicious file; the ransomware group Black Basta is believed to be responsible for the cyberattack. Black Basta is a ransomware-as-a-service operation that was first identified in April 2022; more than 500 organizations have fallen victim to its attacks.

After the Ascension attack, both the FBI and CISA, the Cybersecurity and Infrastructure Security Agency, released advisories with recommendations for hospitals and critical infrastructure organizations to follow. These include security measures such as installing updates for operating systems, software and firmware as soon as they are released, requiring phishing-resistant MFA for as many services as possible, and training users to recognize and report phishing attempts.

Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.