Ascension Healthcare Cyberattack Disrupts Services Across 19 States

A ransomware cyberattack has crippled Ascension, a large US healthcare system, disrupting operations across 19 states, forcing the postponement of appointments, and limiting access to electronic medical records, with healthcare workers resorting to manual systems to track patient care. The attack, believed to be carried out by the Black Basta ransomware group, has significant implications for patient care and sensitive data, highlighting the vulnerability of the healthcare sector to cyber threats." This description focuses on the primary topic of the ransomware attack on Ascension, the main entity affected, and the context of the healthcare sector. It also highlights the significant actions and consequences of the attack, including the disruption of operations and the impact on patient care. The description provides objective and relevant details that will guide the AI in creating an accurate visual representation of the article's content.

author-image
Aqsa Younas Rana
New Update
Ascension Healthcare Cyberattack Disrupts Services Across 19 States

Ascension Healthcare Cyberattack Disrupts Services Across 19 States

Ascension, one of the largest healthcare systems in the United States, has fallen victim to a ransomware cyberattack, causing widespread disruptions to its operations across 19 states. The attack, detected on May 8, 2023, has forced the postponement of appointments, closure of retail pharmacies, and limited access to computerized records.

Why this matters: This cyberattack highlights the vulnerability of the healthcare sector to ransomware attacks, which can have devastating consequences for patient care and sensitive data. The incident serves as a wake-up call for healthcare providers to invest in robust cybersecurity measures to protect against such threats.

The cyberattack, believed to be carried out by the notorious Black Basta ransomware group, has crippled Ascension's electronic medical records system, Epic, and other critical systems used for ordering tests, procedures, and medications. Healthcare workers are now resorting to paper records to track patient conditions, write prescriptions, and manage care, leading to significant delays and challenges.

A physician working at Ascension Wisconsin, speaking anonymously, described the situation: "You have no backstory of the person. You don't know what the chief complaint is. You don't know the history of the patient." The lack of access to electronic records has severely impacted the ability of healthcare providers to deliver timely and informed care.

Ascension operates 142 hospitals and over 2,600 care sites across 19 states, including Alabama, Florida, Illinois, Indiana, Kansas, Maryland, Michigan, Oklahoma, Tennessee, Texas, and Wisconsin. While all facilities remain open, they are relying on manual systems for patient documentation. Certain retail pharmacies are unable to fill prescriptions, and some locations have temporarily delayed diagnostic imaging and testing.

In response to the attack, Ascension is working with cybersecurity experts from Mandiant and other firms to investigate the incident, contain the threat, and determine the extent of any data compromise. The health system has notified federal authorities, including the FBI, the Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services.

Ascension CEO Joseph Impicciche addressed the situation in an email to healthcare workers on May 9, stating, "We are working diligently to resolve the issues as quickly as possible." However, the health system has not provided a timeline for the restoration of its systems, leaving patients and staff in a state of uncertainty.

Patients are advised to bring notes on their symptoms and a list of current medications, including prescription numbers or bottles, to help expedite the manual processes now in place. They are also encouraged to freeze their credit and remain vigilant for potential sensitive information breaches.

The Ascension cyberattack serves as a stark reminder of the growing threat posed by ransomware attacks in the healthcare sector. As healthcare providers increasingly rely on digital systems to manage patient care and sensitive data, the need for robust cybersecurity measures and incident response plans has never been more critical.

Key Takeaways

  • Ascension, a US healthcare system, fell victim to a ransomware cyberattack on May 8, 2023.
  • The attack affected 19 states, forcing appointment postponements and limited access to computerized records.
  • Black Basta ransomware group is believed to be responsible for the attack, crippling Ascension's electronic medical records system.
  • Healthcare workers are resorting to paper records, causing significant delays and challenges in patient care.
  • Ascension is working with cybersecurity experts to investigate and contain the threat, with no timeline for system restoration.