Ascension, a leading nonprofit health system in the U.S., recently announced that a ransomware attack in the spring has exposed data from approximately 5.6 million individuals. This cyber incident ranks as the third largest healthcare data breach reported this year, following similar incidents at Change Healthcare and Kaiser Foundation Health Plan.
The attack occurred in early May and had severe consequences, forcing some Ascension facilities to divert ambulances and shut down crucial systems, such as electronic health records. The breach was linked to an employee who unknowingly downloaded a malicious file, with the perpetrator believed to be a group known as Black Basta.
The compromised data may include medical information, payment details, Social Security numbers, and insurance information. Ascension has not found evidence that complete patient records stored in its electronic systems were stolen, but the organization still plans to notify all affected individuals by mail in the coming weeks.
The financial impact of the attack on Ascension was significant, resulting in a $1.1 billion net loss in its 2024 fiscal report and hampering its improvement initiatives. However, all affected systems have been restored, and the health system is now offering credit monitoring and identity theft protection to those impacted.
This breach is part of a concerning trend of major healthcare cyber incidents this year, with the attack on Change Healthcare exposing data from 100 million individuals, marking it as the largest healthcare breach on record. It underscores the vulnerability of hospitals and clinics to cybercriminals seeking sensitive data.
In light of the increasing frequency of data breaches, many individuals are turning to data removal services to enhance the protection of their personal information. Services like Incogi, with partnerships with over 180 data brokers and regular scanning intervals, assist individuals in managing their online presence and minimizing their exposure to potential threats.
Source link