Ascension Confirms Reports of Cyber Attack, Raising Data Breach Concerns Among Patients

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On May 9, 2024, Ascension posted a website notice confirming that the company is in the process of responding to what it believes is a “cyber security event.” In this notice, Ascension explains that access to certain systems has been disrupted and that the company is looking into whether the incident compromised any patient information. If Ascension confirms that patient data was subject to unauthorized access, the company will be required to send out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from Ascension, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible Ascension data breach. For more information, please see our recent piece on the topic here.

Was There an Ascension Data Breach?

The Ascension cyberattack was only recently announced and the company is still in the process of bringing its systems back online. Thus, it is too soon to determine whether there was an Ascension data breach. However, Ascension’s May 9, 2024, website notice provides some important information on what led up to the breach.

According to this source, on May 8, 2024, Ascension detected unusual activity within portions of its IT network. In response, Ascension immediately launched an investigation, which prompted Ascension to believe that the incident was related to a cyber security event.

As a result of the attack, Ascension reports that some of its systems have been disrupted, which includes a disruption to the company’s clinical operations. Ascension does not yet have a timeline for when it expects these services to regain functionality.

Ascension has also enlisted the help of a third-party forensics firm to assist with the investigation and remediation. Currently, Ascension is investigating what, if any, patient data may have been accessed by the unauthorized party.

If the Ascension investigation confirms that patient data was leaked, the company will be required under federal law to send out data breach letters to anyone who was affected by the incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Ascension

Ascension is a faith-based healthcare organization based out of St. Louis, Missouri. The company is the world’s largest Catholic health system, as well as the largest non-profit health system in the United States. Ascension operates in 16 states, including Alabama, Florida, Georgia, Illinois, Indiana, Kansas, Kentucky, Maryland, Michigan, Missouri, Mississippi, New York, Oklahoma, Tennessee, Texas, Wisconsin and Washington, D.C. Ascension employs more than 139,000 people and generates approximately $28 billion in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide