HQ/EMEAFind out how we can help your business
One of the US’s most prominent private healthcare organisations, Ascension, has taken some of its systems offline to investigate an alleged cybersecurity attack that could disrupt its operations.
Ascension is a nonprofit health organisation in the United States that owns about 140 hospitals and 40 elder care facilities in nearly 20 states, including the District of Columbia. Moreover, it is the home to more than 8,500 healthcare workers, 35,000 affiliates, and 134,000 associates. It was also one of the most profitable healthcare institutions last year after earning a total revenue of $28.3 billion.
Ascension detected the unwanted activity this month.
Ascension claimed it detected unusual cybersecurity activity on select technology network systems earlier this week. After further evaluation, they now believe that these activities are due to a cyber security event. Still, they assured concerned individuals that they had immediately responded by activating their remediation efforts and investigation team.
Their initial assessment noticed that some systems had suffered interruptions. Hence, they advise their business partners to cut ties with their systems until they notify them about the actual nature of the event.
The incident also disrupted the firm’s clinical activities. An ongoing inquiry is now being conducted to determine the impact and scope of the alleged malicious activity. This healthcare firm has also notified the relevant law enforcement agencies about the cyberattack and hired a third-party cybersecurity provider to help them with the investigation and repair process.
A spokeswoman for Ascension also released a statement through an email to one of the inquiries stating that their reports are all published on their official website. Furthermore, they assured everyone they would release more details about the attack once they uncovered more information.
Last month, the US Department of Health and Human Services also published an advisory regarding a threat group that is now utilising social engineering techniques to target IT help desks in the Healthcare and Public Health (HPH) sector.
These attackers deceive staff into registering new multi-factor authentication (MFA) devices under their control, granting them access to corporate resources. The healthcare industry has received many threats over the past few months. Therefore, individuals related to this industry should be aware of this news to avoid falling victim to threat actors currently targeting healthcare firms.
