Ascension Healthcare Said Cyberattack Impacts Operations

The organization has advised its business partners to temporarily sever connections to its systems as a precautionary measure and said it would notify partners when it is safe to reconnect.

by Mihir Bagwe May 9, 2024 in Cybersecurity News, Data Breach News, Firewall Daily Reading Time: 5 mins read 0

589 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to a cyberattack that prompted the organization to take some of its systems offline.

The organization detected unusual activity on select technology network systems on Wednesday, prompting immediate response, investigation initiation and activation of remediation efforts.

Consequently, access to certain systems has been interrupted during the ongoing investigation process.

The healthcare organization has advised its business partners to temporarily sever connections to its systems as a precautionary measure and said it would notify partners when it is safe to reconnect.

The cyber incident has disrupted clinical operations, prompting an investigation into the extent and duration of the disruption. Ascension has notified relevant authorities about the cyberattack and enlisted the services of Mandiant incident response experts to aid in the investigation and remediation efforts.

The organization operates in 19 states and the District of Columbia, Ascension oversees 140 hospitals and 40 senior care facilities.

It also boasts of a significant workforce comprising of 8,500 providers, 35,000 affiliated providers and 134,000 associates. In 2023, Ascension's total revenue amounted to $28.3 billion.

Patients Say Chaos on Display at Ascension Healthcare

Talking about the disruptions at the healthcare facility, Ascension said, “Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible.” But the ground reality seems to be different, as per a patient account.

Talking to local news media Fox 2, a patient named Zackery Lopez said “chaos” was on display this Wednesday in Ascension Providence Southfield hospital where he had to wait nearly seven hours to get a pain medication for his cancer resurgence.

“Right now it is crazy. Nurses are running around. Doctors are running around. There's no computers whatsoever they can use,” Lopez said. “So, they're actually using charts.”

Lisa Watson, a nurse at Ascension Via Christi St. Joseph in Wichita, Kansas, told another local news outlet that the hospital shut down its operating rooms on Wednesday following the cybersecurity issue. She also said that system's, which the hospital uses to scan medications of patients was down, along with their electronic charts.

“We are paper-charting all medications, and all lab orders are being hand-written and sent by pneumatic tube systems to the unit they're supposed to go to,” said Watson.

Natalie Sirianni, an MD at one of the hospital linked to Ascension concurred on the chaos that ensued.

“No one knew where the forms were. Thank god we have a separate sign out with our pts (patients) meds. Nurses were writing them down from memory. This is a new reality we need to be better prepared,” Sirianni wrote on platform X.

Sirianni said the EMR (Electronic Medical Records) was completely down, and she had to do multiple rounds to make sure her patients got their meds and to check their vitals.

Sirianni said.

“No one knew where they (forms) were or which ones to use for hours. We need to have the forms ready to go to switch to paper charting. I left still not knowing how to place lab orders, talked with dozens of people from lab to phlebotomy to management, no one knew. No one was prepared and patients suffered.”

We have endless incessant modules about stupid policies to save hospitals money but never about downtime protocol,” she added.

Lopez is also concerned that his personal information was possibly at risk but said he has not received a convincing answer from the authorities yet. “They really didn't tell me if it was protected or not,” he said. “They really kind of just brushed it off when I asked them. They say they're trying to get everything back on, back on track.”

Healthcare Breaches on the Rise

This incident adds to a growing list of healthcare breaches and ransomware attacks, including the Change Healthcare that caused widespread disruptions across U.S. Initially described as an “enterprise-wide connectivity issue,” the severity of the attack went a bar above when Blackcat – also known as Alphv ransomware gang claimed responsibility for it.

The Russia-based ransomware and extortion gang claimed to have stolen millions of Americans' sensitive health and patient information, a tactic commonly employed by ransomware gangs to exert pressure on victims. However, on February 29, Blackcat withdrew its claim on the breached data of the healthcare group, raising questions if a ransom was paid.

The company did confirm that is paid a $22 million ransom later but it now faces multiple lawsuits for alleged negligence in safeguarding clients' personal information. The parent company UnitedHealth has allocated over $2 billion to fight the fallout of the Change Healthcare data breach.

The company last week also stated that a lack of (MFA) resulted into the massive hack.

In a related development, the (HHS) recently cautioned about threat actors employing social engineering tactics to target IT help desks in the (HPH) sector.

These attackers employ deception to enroll new multi-factor authentication (MFA) devices under their control, thereby gaining access to corporate resources, the HHS warned.



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button