Ascension Healthcare Takes Systems Offline after Major Cyberattack
What Happened?
Ascension, one of the largest nonprofit healthcare systems in the United States, took some of its systems offline on May 8, 2024 after detecting “unusual activity” on its technology network systems. Ascension believes this activity was due to a cyberattack.
When the ascension cyber attack was discovered, Ascension immediately initiated an investigation and response efforts. Access to some of its systems was interrupted as the investigation progressed.
Ascension Cyber Attack Disrupted Clinical Operations
The ascension healthcare cyberattack disrupted clinical operations and ongoing investigation is assessing the full impact and duration of these disruptions.
As part of its response to the ascension cyberattack, Ascension informed authorities and hired Mandiant, a leading cybersecurity firm, to assist with the investigation and remediation.
Ascension also advised business partners to temporarily suspend connections to its systems until further notice. This was done “out of an abundance of caution” as the healthcare provider assessed the scope of the incident.
“Out of an abundance of caution we are recommending that business partners temporarily suspend the connection to the Ascension environment,”
Ascension said in a statement.
About Ascension
Ascension is one of the largest non-profit and Catholic health system in the United States. It operates 140 hospitals and additional healthcare facilities across 19 states and Washington D.C. In 2023 alone, Ascension reported $28.3 billion in total operating revenue.
As a major healthcare provider, any cyber attack or disruptions to Ascension’s systems could severely impact patient care and clinical operations for the millions of patients they serve.
The Impact Continues and Questions Remain Unanswered
It remains unclear what data, if any, was accessed in the ascension cyber attack. The full scope and cause of the incident also continues to be investigated.
Until Ascension completes its investigation with Mandiant, many questions will remain around how long clinical operations and access to certain systems may be disrupted. Patient care and safety is Ascension’s top priority as they work to restore their networks.
The ascension healthcare cyberattack serves as a reminder that healthcare providers remain prominent targets for cybercriminals as personal health information has high value on black markets. Ascension and other providers must continue to harden their defenses to protect sensitive patient data.
