Ascension stated that it is in contact with many federal agencies and called their cybersecurity situation a “ransomware incident” for the first time. The 140-hospital health system stated that while it is “making progress,” it would “take time to complete” at each of its treatment sites as it continues to work on investigating and restoring its systems. The FBI, the Department of Health and Human Services, the Cybersecurity and Infrastructure Security Agency (CISA), and other government agencies have all been informed.

When Ascension learned of the intrusion, it immediately acted to safeguard its systems. Although the organization’s workers are trained to operate under downtime protocols, its facilities remain open. Its clinical treatment has been considerably affected, with physicians working on paper records and diverting certain emergency services. Ascension is currently experiencing disabled systems, halted operations, and redirected ambulances as it continues to investigate what it has now determined to be a cybersecurity incident.

Ascension did reveal that “some” phone lines, other systems for ordering tests, treatments, and prescriptions, as well as its MyChart electronic health records system, are now unavailable to its facilities. The report states that Ascension has multiple hospitals on diversion for emergency medical services and that, “out of an abundance of caution,” “some” of its non-emergent elective treatments, tests, and other appointments have been temporarily paused. According to the system, any patients whose treatment has to be postponed are being worked with by its personnel.

Remedial steps have been initiated “immediately,” according to the big nonprofit system, and clinical activities and “access to certain systems” have been interfered with. The company has commenced an inquiry and enlisted the help of Mandiant, an outside cybersecurity company. Ascension issued a statement saying, “We are recommending that business partners temporarily suspend the connection to the Ascension environment out of an abundance of caution.” “When it’s appropriate to reintegrate into our surroundings, we will notify partners.”

Based in St. Louis, Ascension stated that it is currently evaluating an ongoing problem, but it did not specify the scope of the disruptions or if any of its data had been stolen. According to the system, it has also informed the “relevant authorities” and will offer further details as soon as they become available. It stated, “In compliance with all applicable regulatory and legal guidelines, we will notify and support those individuals should we determine that any sensitive information was affected.”

Across the nation, the Catholic health system is responsible for managing 40 senior living communities and 140 hospitals. In its most recent fiscal year, the company, which employs over 132,000 people, generated over $28 billion in revenue and billions of operational losses. According to the Detroit Free Press, Ascension is continuing to take patients in need of life-saving care while redirecting ambulances carrying medically stable patients to other systems. The magazine was informed by a physician in Ascension, Michigan, that physicians are now using paper records, phone conversations, and other analog methods of providing treatment. To guarantee that patient care delivery remains safe and is as little disrupted as possible, the system stated that its care staff “are trained for these kinds of disruptions and have initiated procedures.”

Leave a Reply