Ascension healthcare system hit by cyberattack, disrupting operations and threatening patient privacy

A significant cyberattack has impacted the Ascension healthcare system throughout the US, causing hospital diversions, missed medical appointments, and restricted online access to individual records. Ascension, a non-profit Catholic healthcare organization based in St. Louis, operates approximately 140 hospitals and 25,000 beds in 19 states and Washington D.C. On Wednesday, Ascension identified “unusual activity” within its computer network systems, which led to the shutdown of its digital medical records platform and the MyChart system, which permits patients online access to their records and communications with physicians. The Wichita, Kansas, branch of Ascension revealed that ambulances were diverted from specific hospitals starting Wednesday, but the Ascension spokesperson for that region announced that full ambulance redirection finished on Thursday afternoon. According to reports from WTMJ-TV in Milwaukee, Ascension patients in the area were unable to obtain CT scans, mammograms, or refill prescriptions. “We have determined this is a cybersecurity incident,” stated the Ascension spokesperson’s announcement. “Our investigation and restoration work will take time to complete, and we do not have a timeline for completion.” The Ascension statement revealed that “downtime” procedures would be utilized “for some time,” and individuals were instructed to carry notes detailing their symptoms and a list of medication numbers or drug containers to medical appointments. At two Wichita hospitals, personnel were compelled to utilize pen and paper and broadcast medical crises through loudspeakers since their pagers failed. Cybersecurity specialists claim that ransomware attacks have grown significantly in recent years, particularly in the healthcare industry. Ransomware groups frequently steal data before deploying data-encrypting malware that stops networks. The danger of disclosing stolen data is employed to impose payments. The Ascension statement did not specify whether it was the target of a ransomware attack or whether it paid a ransom, and the organization did not instantly reply on Friday to an email requesting updates. “We are working around the clock with internal and external consultants to investigate, contain, and restore our systems,” the spokesperson’s statement read. An assault on Change Healthcare earlier this year delayed insurance reimbursements and added tension to physician’s offices across the country. After gaining access in February, the hackers launched a ransomware attack that scrambled and locked significant portions of the firm’s system. UnitedHealth CEO Andrew Witty informed Congress last week that his corporation paid a $22 million ransom in Bitcoin. Witty stated to legislators that UnitedHealth is “continuously” targeted. He claimed his organization fends off an attempted break-in every 70 seconds. A ransomware attack in November prompted Ardent Health Services, which operates 30 hospitals in six states, to redirect patients from some of its emergency departments to other hospitals while delaying particular elective treatments. It also suspended user access to information technology applications such as software used to record patient care. Murphy reported from Indianapolis.