Ascension Healthcare Ransomware Attack: What You Need to Know & How To Protect Yourself Featured
Class action lawsuit alleges Ascension Healthcare failed to adequately protect patient information allowing Russian hackers to steal patient data.
A class action lawsuit was filed in the wake of Ascension Healthcare’s recent announcement that it has fallen victim to a ransomware attack. Ascension, one of the largest nonprofit Catholic health systems in the United States, employs approximately 134,000 associates, has 35,000 affiliated providers and operates 140 hospitals.
This latest attack, according to industry analysts, has all the hallmarks of a similar attack earlier this year against Change Health, a division of UnitedHealth Group. That attack forced United Health to pay a $22 million ransom and admit that a lack of multifactor authentication on a Change Healthcare server enabled the attack to succeed.
Initial reports are that the attack paralyzed Ascension’s systems, forcing it to shut down its electronic health records system and to divert emergency care at some of its hospitals. The attack also shut down its telephone systems, MyChart patient portal electronic ordering for tests and medications.
Progress is slowly being made to restore its systems – but the process, according to the St. Louis-bases health system, “will take time to complete.” You can read the latest company update here.
What Happened?
It is still very early on in the investigation but what is known so far is that on May 8, 2024 Ascension initially detected “unusual activity on select technology network systems.” It immediately took steps to contain the impact of the cyberattack and notified the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA). It also brought in cybersecurity services firm, Mandiant, to assist with the investigation.
Security experts have likened recent hospital data breaches to car owners leaving their keys on the seat with the door unlocked. At issue is the American Hospital Association supports voluntary cybersecurity goals and has pushed back against implementing industry standard security measures required by federal and state laws. To what extent security shortfalls contributed to this incident remains to be determined, but it seems likely that Ascension will be forced to improve its security infrastructure to prevent a reoccurrence .
According to independent sources, the Russian-linked Black Basta group was behind the data breach.
Who is Black Basta?
HHS said that Black Basta was initially spotted in early 2022, and is known for its double extortion attack. The group not only executes ransomware but also exfiltrates sensitive data, operating a cybercrime marketplace to publicly release it should a victim fail to pay a ransom.
“The level of sophistication by its proficient ransomware operators, and reluctance to recruit or advertise on Dark Web forums, supports why many suspect the nascent Black Basta may even be a re brand of the Russian-speaking RaaS threat group Conti, or also linked to other Russian-speaking cyber threat groups,” the alert from HHS said.
According to one report from blockchain analytics firm Elliptic and cybersecurity risk-focused Corvus Insurance, Black Basta in less than two years has won itself more than $100 million via ransomware schemes from 329 organizations. Previous victims of its attacks include Dish Network, the American Dental Association, business process services firm Capita and tech firm ABB.
What Information Was Stolen?
Ascension has not yet revealed the extent of the data stolen during the breach. But given the scope of information typically maintained by healthcare providers, there is a high probability that the exfiltrated data contains Personal Identifiable Information (“PII”) as well as Private Health Information (“PHI”).
What is Ascension Doing To Protect My Identity?
Ascension will wait until it completes its investigation into the breach before announcing what measures it will take to help secure the identities of those affected – if any.
In the mean time, anyone who has been treated at an Ascension operated hospital should adopt a posture of heightened vigilance with respect to their online accounts.
What Can Hackers Do With My Information?
Stolen PII and PHI can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cyber-criminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.
If you receive a data breach notification from Ascension Healthcare, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.
Protect Your Identity. Join the Ascension Healthcare Data Breach Class Action.
If you receive a notification letter from Ascension Healthcare, you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by Ascension Healthcare.
Please complete the below form shown on this page and a data breach attorney will contact you. There is no cost to you.