Another U.S. Health System Was Just Hit With a Cyber Attack

By: Julia Mehalko | Published: May 10, 2024

Ascension, a health system that runs various clinics and hospitals in the U.S., announced that they were hit with a cyber attack. Now, investigators are working on ensuring this attack was limited in scope.

Ascension’s cyber attack is just the latest health system in the U.S. that has had to deal with hackers gaining sensitive patient information. Cyber attacks on healthcare institutions have increased in recent years — and will likely continue to be a problem for the foreseeable future.

Cyber Attack Hits Ascension

St-Louis-based Ascension runs different hospitals and healthcare facilities in the United States.

An Ascension Health hospital in Indiana in the daytime.

Source: Public Domain/Wikimedia Commons

The company revealed that they were conducting an investigation into a cyber attack that had interrupted access to some of its technology systems. Thus far, Ascension hasn’t been clear on whether patient information has been accessed by these hackers.

The Discovery of the Attack

According to Ascension, they discovered that something was amiss when they noticed “unusual activity” on some of their network systems this week.

An aerial view of an Ascension hospital in Michigan seen in the daytime.

Source: Lrgjr72/Wikimedia Commons

This then led to a quick initial investigation that resulted in the realization that a “cyber security event” was occurring.

Next Steps

Now, Ascension will further conduct a more thorough investigation to learn more about what occurred during this cyber attack. The company will try to learn exactly what information may have been accessed or affected by the hacking.

A close-up of code on a computer screen.

Source: Markus Spiske/Unsplash

So far, the healthcare system hasn’t completely stated what type of information may have been impacted by the cyber attack.

Accessing Sensitive Patient Information

Whenever cyber attacks on healthcare systems occur, many people immediately become concerned that sensitive patient information has been accessed.

A doctor comforting a patient lying in a bed in the hospital.

Source: RDNE Stock project/Pexels

Ascension is aware of this, as many people throughout the country have grown concerned that their private information may now be in the hands of bad actors. Ascension has clarified that if patient information has been accessed, they will notify those who were affected.

A Huge Cyber Event

This cyber attack on Ascension is notable because the healthcare system is considered one of the biggest private healthcare systems throughout the U.S. In 2019, it was the second-largest system in the country.

A close-up of a computer screen that has code on it.

Source: RoonZ nl/Unsplash

Ascension currently runs 140 hospitals in 19 different states. Therefore, this massive cyber attack has the ability to affect many Americans.


Ascension’s Statement

Ascension has already released a statement attempting to calm down some of the worries that many Americans now have about their private health information.

A close-up of an emergency sign on a hospital building.

Source: Pixabay/Pexels

The company stated, “Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible. There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption.”


Some Good News

There has been some seemingly good news about this cyber attack. Alex Holden, the chief information officer at Hold Security, has suggested that this hacking may have been limited in scope, thanks to his analysis of Ascension’s statement.

A close-up of a patient’s hand in a hospital.

Source: Anna Shvets/Pexels

Holden, therefore, believes that the attack wasn’t necessarily a “full intrusion” into Ascension’s overall network.


Is the Threat Contained?

However, Holden has also suggested that the threat may be ongoing as Ascension investigates the attack.

A close-up of computer security on a screen.

Source: Pixabay/Pexels

“They’re also encouraging their partners to break technology connections into Ascension for the time being,” Holden explained. “There seems to be either exploitation that came from a certain party into them, or there is a threat that the breach is not fully contained — and it may affect their partners as well.”


An Increase in Healthcare Cyber Attacks

Ascension’s cyber attack is just the latest in a long run of hacking conducted on U.S. healthcare systems. Unfortunately, many security experts believe these events will continue into the near future.

A large computer screen with many different boxes of coding and hacking.

Source: Tima Miroshnichenko/Pexels

Last year, about 725 data breaches occurred, which affected at least 500 records. This year could see even more of these cyber attacks.


Why Hackers Target Healthcare Systems

Hackers have long targeted various institutions in the U.S., for different reasons. However, many bad actors have begun to hack into healthcare systems throughout the country, as it’s become a more lucrative option for them. Plus, a patient’s medical information doesn’t change — while a credit card or debit card can be canceled if it’s impacted by hackers.

The Mayo Clinic seen with cars parked out front in an urban setting.

Source: Solen Feyissa/Unsplash

As a result of this, medical records can now be sold to other bad actors for a high amount.


Locking Systems

Some hackers also conduct cyber attacks on U.S. healthcare systems so that they can lock out hospitals from their network. Then, to allow the hospitals access once again to their records, these hackers demand a ransom to be made.

A close-up of a lock on a keyboard.

Source: FlyD/Unsplash

As many security analysts believe cyber attacks on healthcare institutions will only continue for the next few years to come, healthcare systems may have to better learn how to protect their networks and patients.