Ascension Catholic hospitals in midst of possible cyberattack


Ascension Health Systems has told all business partners to disconnect from Ascension networks after a suspected cyberattack disrupted operations at its care facilities across the US.

The massive non-profit Catholic healthcare organization operates 140 hospitals and 40 senior care facilities across the nation, handling more than 16.4 million physician office and clinic visits alone in 2023.

Ascension first announced it was facing a suspected cyberattack on the social media platform X about 4:00 p.m. Wednesday afternoon.

ADVERTISEMENT

“We detected unusual activity on select technology network systems, which we now believe is due to a cybersecurity event. Our care teams have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible,” the post said.

The mission-based healthcare operator, which said it first became aware of the intrusion earlier Wednesday, also posted a notice on its online newsroom titled ‘Network Interruption Update.’

Additionally, an Ascension spokesperson told Cybernews that although response teams were immediately activated, “some systems have been interrupted.”

“There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption,” the spokesperson said.

The system disruptions have also led the company, "out of an abundance of caution," to recommend that its business partners “temporarily suspend the connection to the Ascension environment," they said.

Ascension says it will inform those partners when it is safe to reconnect to the network.

Ascension cyber incident notice
Image by Cybernews
ADVERTISEMENT

UnitedHealth hack 2.0?

If nefarious, it would be the second cybersecurity attack impacting a major health organization so far this year.

Change Healthcare, the technology arm of UnitedHealth Group, was the victim of a massive ransomware attack in February, disrupting the entire US healthcare and pharmacy ecosystem for weeks.

The attack, carried out by the Russian-linked ransomware cartel ALPHV/BlackCat, led to UnitedHealth, with help from the US government, having to spend billions to bail out many hospitals and healthcare facilities that became cash-strapped due to not being able to file insurance claims and receive payments.

So far, no ransomware group has claimed the attack on Ascension, and the ALPHV/BlackCat ransom group has been dormant since it received a $22 million March payout from UnitedHealth's CEO, who testified about the attack on Capitol Hill earlier this month.

It's also not clear if any sensitive data has been stolen from Ascension network systems due to the unusual activity, but the spokesperson said the company would "notify and support" those affected according to legal regulations and guidelines.

Last month, UnitedHealth confirmed that a “a substantial proportion” of Americans had their data exposed in the Change attack, and hackers have since claimed to have exfiltrated 6TB in total from the conglomerate.

Ascension’s spokesperson told Cybernews the incident an “ongoing situation” and the company “will provide updates as we learn more.”

The non-profit said it has already brought in outside cybersecurity teams from Google’s Mandiant to help investigate the breach and restore systems. Ironically, Mandiant teams were also brought in to work on the UnitedHealth hack.

Headquartered in St Louis Missouri, Ascension facilities can be found in 19 states, and in Washington, D.C.

ADVERTISEMENT

Besides 180 sites of care, the health system includes 134,000 associates, 35,000 affiliated providers, and 8,500 employed providers, and according to its website, spent over $2.2 billion last year on care for the poor, uninsured, and other community benefit programs.