Ascension Confirms Ransomware Attack

The organization has refrained from disclosing the ransom amount or confirming whether personal health information was compromised in the cyberattack. 

Ascension Health, a significant player in the healthcare sector, has confirmed that it is grappling with the aftermath of a ransomware attack. 

The healthcare giant, which oversees 140 hospitals and 40 senior living facilities in 19 states, revealed that it first detected "unusual activity" on its technology networks on Wednesday, May 8.

In response to the cybersecurity event, Ascension Health swiftly activated remediation processes and enlisted the expertise of Mandiant, a third-party cybersecurity firm, to assist with the investigation. 

However, Ascension Health has chosen to remain tight-lipped about the crucial details of the ransomware attack. The organization has refrained from disclosing the ransom amount or confirming whether personal health information was compromised in the cyberattack. While acknowledging disruptions to clinical operations and access to specific systems, Ascension Health has opted not to reveal the full extent of the impact caused by the incident.

An Ascension spokesperson said, "Out of an abundance of caution, we recommend that business partners temporarily suspend the connection to the Ascension environment." The healthcare provider has also notified appropriate authorities and pledged to provide updates as the situation unfolds.

Ongoing Investigation & Collaboration

Ascension Health remains committed to thoroughly investigating the ransomware incident. The organization works closely with law enforcement agencies, including the FBI, and cybersecurity authorities, such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services.

"We remain in close contact with the FBI and CISA, and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center (H-ISAC) so that our industry partners and peers can take steps to protect themselves from similar incidents," affirmed an Ascension spokesperson.

Healthcare Services Impacted

In the wake of the ransomware attack, Ascension Health faces challenges in maintaining seamless healthcare services. Clinicians have resorted to traditional methods, such as paper records and phone calls, to ensure continuity of care. The organization has acknowledged disruptions to its MyChart electronic health records system, phone lines, and systems for ordering tests, procedures, and medications.

"It is expected that we will be utilizing downtime procedures for some time," said an Ascension spokesperson. The healthcare provider has implemented measures to minimize patient impact, including providing guidance for upcoming appointments and liaising with pharmacies to fulfill medication needs.

Furthermore, Ascension Health has taken proactive steps to manage the situation, including diverting ambulances with medically stable patients to other healthcare systems and temporarily pausing non-emergent elective procedures, tests, and appointments.

Despite the challenges posed by the cybersecurity event, Ascension Health reassures the public that its care teams are well-equipped to navigate such disruptions and prioritize patient safety.