Ascension is one of the largest private healthcare systems in the United States, ranking second in the United States by the number of hospitals as of 2019.
The organization was hit by a ransomware attack that severely impacted operations at hospitals in the country.
Impacted systems include electronic health records system, MyChart (which enables patients to view their medical records and communicate with their providers), some phone systems, and various systems utilized to order certain tests, procedures and medications.
The company detected the unusual activity on its network on May 8 and determined that it was the result of a cyber attack.
Ascension launched an investigation into the incident with the help of external forensics experts and is working to contain the attack and restore impacted systems. The company pointed out that the attack investigation and restoration activities will take time to complete.
The healthcare organization has temporarily suspended some non-emergent elective procedures, tests and appointments.
“We have implemented established protocols and procedures to address these particular system disruptions in order to continue to provide safe care to patients.” reads the notice of security incident. “Due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately.
The notice doesn’t include details about the incident, it is unclear if threat actors have stolen information from Ascension.
However the impacts of the security breach and the emergency response procedures launched by the company suggests it was hit by a ransomware attack.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Healthcare)