Written by: Dr. Aishwarya Sarthe
June 14, 2024
According to a spokesperson from Ascension, the breached files "may contain protected health information and personally identifiable information for certain individuals."
In a recent update, Ascension Health disclosed that a cyberattacker responsible for disrupting its systems last month also accessed files potentially containing sensitive personal data.
A spokesperson from Ascension said the attackers could take files from seven of the health systems' network servers. The files "may contain protected health information and personally identifiable information for certain individuals."
Ascension, a prominent Catholic health system operating 140 hospitals and employing about 132,000 people nationwide, emphasized that while the breach affected routine task servers, there is no evidence that complete patient records or clinical data were compromised.
"Right now, we don’t know precisely what data was potentially affected and for which patients," the spokesperson added. Ascension plans to conduct a comprehensive review of the impacted files to determine the extent of the breach.
The breach was detected during an ongoing investigation, which revealed that the attackers managed to obtain files from seven servers within Ascension's network. These servers are primarily used by staff for daily operations, and there is currently no evidence of full patient record access or compromise of clinical systems.
"We don’t know precisely what data was potentially affected and for which patients. To reach those conclusions, we need to fully review the files that may have been impacted and carefully analyze them," stated Ascension in a recent update.
Ascension has proactively offered all affected patients and employees free credit monitoring and identity theft protection services in response to the breach. This move aims to mitigate potential risks associated with the compromised data.
The cyberattack, detected in early May, prompted Ascension to implement downtime procedures across its care sites, affecting access to electronic health records (EHR) and other critical systems.
As a result, clinicians resorted to paper records and offline workarounds to ensure continuity of patient care. The nonprofit has prioritized restoring EHR access, aiming for system-wide recovery by mid-June.
"We have identified how the attacker gained access to our systems," Ascension stated, attributing the breach to an employee's inadvertent download of a malicious file at one of its facilities.
The organization clarified, "We have no reason to believe this was anything but an honest mistake."
In the aftermath of the cyber incident, Ascension faces legal challenges, including class-action lawsuits filed by affected patients. Allegations suggest the health system's inadequate cybersecurity measures led to foreseeable vulnerabilities.
The lawsuits in Texas and Illinois claim damages due to the exposure of private information during the breach.
Ascension responded by offering complimentary credit monitoring and identity theft protection services to individuals potentially impacted by the breach.
The nonprofit has also engaged third-party cybersecurity experts and notified relevant authorities, including law enforcement and regulatory bodies, to assist in their investigation.
Throughout the recovery process, Ascension has maintained operational continuity across its facilities, reopening pharmacies and specialty services while ensuring that emergency medical care remains unaffected.