Ascension Health System Faces Major Cybersecurity Incident, Operations Disrupted

Ascension, one of the largest private healthcare systems in the United States, experienced significant disruptions in its clinical operations due to a suspected cybersecurity incident. This major nonprofit health system, which operates 140 hospitals and 40 senior care facilities across 19 states including the District of Columbia, reported unusual activity on its technology networks on Wednesday, May 8, signaling a severe security breach.

The healthcare giant has advised its business partners to temporarily sever connections to its systems as a precautionary measure. “Out of an abundance of caution, we are recommending that business partners temporarily suspend the connection to the Ascension environment,” the organization stated. The process of reconnecting will be communicated once it’s deemed safe.

Ascension has taken immediate action by taking some of its systems offline to further investigate the incident, which has also led to widespread disruptions in payments to doctors and health facilities, echoing a similar attack on UnitedHealth’s technology unit earlier this year. To manage the crisis, Ascension has enlisted the expertise of third-party cybersecurity firm Mandiant to assist in the investigation and remediation process, and has notified the appropriate authorities.

Founded in 1999 as a Catholic nonprofit, Ascension has grown to include about 134,000 associates and 35,000 affiliated providers. With a reported total revenue of $28.3 billion in 2023, the scale of this cybersecurity event underlines the increasing risks faced by major healthcare providers in the U.S., which have been targets of sophisticated cyberattacks involving social engineering tactics aimed at IT help desks.

The ongoing investigation aims to assess the impact and duration of the disruptions, ensuring patient care delivery continues safely and with minimal impact. Ascension emphasizes the severity of the situation but assures that updates will be provided as new information becomes available.

This incident is a stark reminder of the vulnerabilities in the healthcare sector and underscores the need for robust cybersecurity measures to protect sensitive data and maintain critical operations in the face of growing cyber threats.