Ascension, one of many largest U.S. healthcare techniques, revealed {that a} Could 2024 ransomware assault was brought on by an worker who downloaded a malicious file onto an organization system.
Ascension says this was seemingly an “honest mistake” as the worker thought they had been downloading a reliable file.
The assault impacted the MyChart digital well being data system, telephones, and techniques used to order assessments, procedures, and drugs, prompting the healthcare large to take some units offline on Could 8 to include what it described on the time as a “cyber security event,”
This pressured staff to maintain monitor of procedures and drugs on paper, as they may not entry affected person data electronically.
Ascension additionally paused some non-emergent elective procedures, assessments, and appointments and diverted emergency medical providers to different healthcare models to keep away from triage delays.
On Wednesday, it stated that a few of its providers are nonetheless being impacted, and the healthcare system continues to be engaged on bringing some digital well being data techniques, affected person portals, and cellphone techniques, in addition to assessments, procedures, and drugs ordering techniques on-line.
It additionally added that an ongoing investigation discovered proof the risk actors solely gained entry to and stole information from seven out of hundreds of servers on its community.
“At this point, we now have evidence that indicates that the attackers were able to take files from a small number of file servers used by our associates primarily for daily and routine tasks. These servers represent seven of the approximately 25,000 servers across our network,” an Ascension spokesperson stated.
“Though we are still investigating, we believe some of those files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for certain individuals, although the specific data may differ from individual to individual.”
Nevertheless, Ascension says it has but to search out proof that the attackers stole information from its Digital Well being Information (EHR) and different medical techniques, which retailer the complete affected person data.
Ransomware assault linked to Black Basta
Whereas the healthcare large has but to hyperlink the assault to a particular ransomware operation, CNN reported that the Black Basta gang is behind the incident.
Days after the assault, Well being-ISAC (Data Sharing and Evaluation Middle) additionally issued a risk bulletin warning that Black Basta “has recently accelerated attacks against the healthcare sector.”
Because it surfaced in April 2022, Black Basta’s associates have breached the networks of many high-profile victims, together with Rheinmetall, Capita, ABB, and the Toronto Public Library.
Joint analysis from Elliptic and Corvus Insurance coverage additionally revealed the gang remodeled $100 million from 90+ victims till November 2023.
As one of many largest nonprofit well being networks within the U.S., Ascension operates 140 hospitals and 40 senior care amenities, and it reported a complete income of $28.3 billion in 2023.
Ascension additionally employs 8,500 suppliers and has 35,000 affiliated suppliers and 134,000 associates throughout 19 states and the District of Columbia.
