- Ascension suffered a ransomware attack in May 2024
- It has now concluded its investigation into the attack.
- Confidential data of almost 5.6 million people was stolen
The hackers who attacked Ascension with ransomware managed to steal a trove of sensitive customer information, with medical information, personally identifiable information, payment data, and more all compromised.
The American healthcare giant has released new details about the ransomware attack and has filed a new form with the Maine Attorney General's Office.
The cyberattack occurred on May 7 and 8 and caused significant disruptions to clinical operations. Employees were unable to access electronic medical records or patient portals, and some facilities were even forced to divert ambulances and elective care was subsequently suspended.
Disruption of medical care
In the filing, the firm said that exactly 5,599,699 people were affected by the incident, and in the update, it added that the information the criminals took included:
- medical information (medical record number, date of service, types of laboratory tests or procedure codes)
- payment information (credit card information or bank account number)
- insurance information (Medicaid/Medicare ID, policy or insurance claim number)
- government identification (Social Security number, tax identification number, driver's license number or passport number)
- and other personal information (date of birth or address).
While the attack appears enormous and puts millions at risk of identity theft, phishing, and social engineering attacks, Ascension maintains a positive outlook.
“Although patient data was involved, it is important to note that there remains no evidence that the data was taken from our Electronic Health Records (EHR) and other clinical systems, where our complete patient records are securely stored.” , said.
The company said it will now begin notifying affected people and expects the work to be completed within three weeks.
At the time of this publication, no threat actor claimed responsibility for the attack, and we don't know if Ascension paid any ransom in exchange for the data, although it did say that the attack affected its ability to recover from the previous financial year.