Patient Lawsuits Emerge
Ascension Health is dealing with the aftermath of a ransomware attack that has led to the filing of patient class action lawsuits. One case was filed on May 13 in a Texas district court, and another on May 14 in an Illinois district court. Both lawsuits claim that patients’ private information was exposed due to the incident, which the plaintiffs argue was “foreseeable and preventable” with adequate cybersecurity measures. Ascension has not yet disclosed whether patients’ sensitive information was compromised but is conducting an ongoing investigation.
Operational Disruptions and Downtime
The ransomware attack has significantly disrupted Ascension’s operations. The health system’s electronic health records system, MyChart, and several other critical systems have been taken offline, forcing clinicians to revert to paper records and manual processes. Emergency services have been diverted in some cases, and certain non-emergent procedures have been paused.
Response and Investigation
Ascension detected the unusual activity on May 8 and immediately activated its remediation processes, enlisting the help of Mandiant, a third-party cybersecurity firm (source 2). The organization has also notified law enforcement, including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), and is sharing threat intelligence with industry partners to help them protect against similar incidents.
Ongoing Efforts to Restore Systems
Restoring Ascension’s systems is a complex process that is still underway. The health system has warned that it will take time to return to normal operations and has advised patients to bring notes on their symptoms and prescription information to appointments. Ascension has set up dedicated websites to provide updates on the situation and inform patients about the status of services in different regions.
Broader Implications and Recommendations
The Ascension cyberattack is part of a larger trend of increasing ransomware attacks in the healthcare sector. CISA has issued recommendations to combat ransomware, emphasizing the importance of keeping systems updated, implementing multi-factor authentication (MFA), and educating users about phishing. Healthcare CIOs are urged to prioritize these measures and consider additional steps such as sweeping for indicators of compromise (IOCs) and enhancing “Help Desk training for social engineering attacks.”
Ensuring Cybersecurity Vigilance
The Ascension ransomware attack underscores the critical need for robust cybersecurity measures in the healthcare sector. As healthcare organizations face escalating cyber threats, it is imperative to implement comprehensive security strategies and maintain vigilance to protect patient data and ensure the continuity of care.