Ransomware attack impacts millions

Ascension says the May ransomware attack resulted in the breach of Social Security numbers, medical procedure codes and more.

By

State News

December 24, 2024 - 11:46 AM

Ascension says the May ransomware attack resulted in the breach of Social Security numbers, medical procedure codes and more. Photo by Hugo Phan/KMUW/Kansas News Service

WICHITA — An estimated 5.6 million people had personal information leaked during a May cyberattack against health care provider Ascension, according to the organization.

That makes the incident the third-largest breach of health care data reported in 2024.

The leaked information includes sensitive data including medical procedure codes and types of lab tests, as well as Social Security numbers and credit card information.

“Essentially, almost every piece of personally identifiable information that the patients had with Ascension seems to have been accessed and compromised,” said Kaustubh Medhe, vice president of research at the cyber threat-intelligence firm Cyble, which monitors activity on the dark web.

He said cybercriminals often try to use the stolen information to extract money from victims through sophisticated phishing attacks.

“Anytime such a large-scale data breach happens, we usually see this data coming up for sale on the dark web, typically within a year and a half of the actual breach occurring,” Medhe said.

THE ATTACK is linked to the cybercrime organization Black Basta, which has repeatedly targeted “critical infrastructure sectors” like health care, according to federal officials.

Current and former patients, senior living residents and employees were included in the breach. It’s unclear how many Kansans had information stolen. Ascension operates several hospitals, outpatient clinics and senior living facilities in the state.

The company said it began notifying people whose personal information may have been stolen by mail last week. It expects letters to arrive in the next few weeks.

“The data involved varies and cannot be confirmed for each individual,” Ascension said in a news release.

Ascension is offering victims two years of free credit monitoring.

THE MAY 8 ransomware attack caused widespread disruptions to patient care across more than a dozen states, including at the organization’s Via Christi Wichita hospitals. Nurses told KMUW they were unable to access essential digital systems for weeks, such as one that reduces medication dosing errors.

Ascension says its facilities provided safe care throughout the impacted time period.

In a news release, Ascension thanked its clinicians for working during the cyberattack.

“The resilience and dedication shown by all our associates have been truly remarkable, and their embodiment of our Mission throughout this time has not gone unnoticed,” the company wrote.

Related
October 6, 2021
July 9, 2021
July 6, 2021
February 24, 2020