Healthcare Organizations: Increasingly Targeted By Cybercriminals

On May 08, 2024, Ascension in Saint Louis reported it detected unusual activity on its network that could indicate a cybersecurity incident. On May 11, 2024, Ascension confirmed that it suffered a ransomware attack.

Ascension operates 140 hospitals in 19 states and Washington, D.C. It has 134,000 employees and 35,000 affiliated providers.

The ransomware attack caused Ascension's HER, MyChart patient portal, and some phone systems to go offline. Employees and operations implemented downtime procedures.

Ascension's website stated that the organization is "diligently" investigating and addressing the ransomware incident and working with "industry leading cybersecurity experts" in its investigation, restoration, and recovery efforts.

Ascension stated that it notified law enforcement, the FBI, the Cybersecurity and Infrastructure Security Agency, the Department of Health and Human Services, and the American Hospital Association.

The organization further stated that it has made progress and the systems at its care sites are "being restored in a coordinated manner."

Sources claim cybercriminals attacked Ascension with "a type of ransomware called Black Basta." "Ascension confirms ransomware attack" (May 13, 2024).

Commentary and Checklist

According to some experts, 2023 was the worst year on record for data breaches experienced by healthcare organizations – more than twice the 2022 count – with an estimated 133M breached patient records.

If patient information is breached, healthcare organizations must inform patients so they can monitor their accounts, credit reports, and place freezes on them. Consider offering identity theft protection services.

To help prevent a similar situation in your organization, the Office of Information Security and the Health Sector Cybersecurity Coordination Center recommend that healthcare organizations follow these mitigation steps to help reduce the damage of a ransomware attack:

  • First, back up data to promote data recovery, redundancy, avoiding ransom payments, and continuity.
  • Confirm that backups are free from malware or other corruption
  • Store backups on a separate network
  • Periodically test your restoration process
  • Segment your network to help contain potential ransomware.
  • Automatically update and patch software to fix security flaws exploited by ransomware. "Ransomware & Healthcare" (Jan. 18, 2024).
Finally, your opinion is important to us. Please complete the opinion survey:

What's New

Training Required For Password Best Practices

Not all employees follow cybersecurity best practices, which can put organizations at risk of a cyberattack. We examine passwords and the need for training.

Recent Data Breach Increases Risk Of A Convincing Social Engineering Scam

Cybercriminals claim to have stolen the personal financial data of more than half a billion Ticketmaster customers. Learn about the risk.

Colorado Regulates AI-Consumer Interactions: How Will This Impact Employers?

As artificial intelligence plays a larger role in everyday life, states are stepping in to regulate.