Ascension Health, one of the largest healthcare organizations in the United States, confirmed a ransomware attack earlier this year that compromised the personal and medical data of 5.5 million individuals. The cyberattack, attributed to the BlackBasta ransomware group, was first detected in May 2024 but its full repercussions were disclosed to affected parties only now.
The breach occurred on February 29, 2024, when threat actors gained unauthorized access to Ascension's technology systems. On May 8, 2024, Ascension detected suspicious activity and promptly launched an investigation with the help of cybersecurity experts. The attackers managed to exfiltrate sensitive data from certain systems over a two-day period, specifically on May 7 and 8.
The stolen data includes a range of sensitive information, such as:
- Medical records: medical record numbers, procedure codes, and dates of service.
- Financial information: credit card details and bank account numbers.
- Insurance information: Medicaid/Medicare IDs, insurance claim details, and policy numbers.
- Government IDs: Social Security numbers, tax IDs, driver’s license numbers, and passports.
- Personal identifiers: names, addresses, and dates of birth.
Ascension's latest update on the incident emphasizes that while patient data was compromised, their core Electronic Health Records (EHR) system was not affected. This means full medical histories stored within EHR systems remain secure.
Impact and response
Headquartered in St. Louis, Missouri, Ascension Health operates hospitals and care centers across the United States. It is among the largest nonprofit health systems, making the attack's scale particularly alarming.
Upon discovering the attack, Ascension immediately notified law enforcement, including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). By December 19, 2024, the organization began notifying nearly 5.6 million affected individuals through written communication and offered comprehensive support services including 24 months of credit and CyberScan monitoring, $1 million identity theft insurance, and fully managed identity theft recovery services.
Individuals impacted by this breach are urged to take the following actions:
- Enroll in identity theft protection services offered by Ascension.
- Monitor credit reports and financial statements for suspicious activity.
- Place a fraud alert or security freeze on credit files to prevent unauthorized access.
- Stay vigilant against phishing attempts and other scams leveraging stolen personal data.
For assistance or enrollment, affected individuals can visit Ascension’s dedicated response site or call the helpline at (866) 724-3233.