One of the US’ primary healthcare organisations, Ascension, confirmed a ransomware attack that occurred last month after one of its employees downloaded a malicious file onto a corporate device.
Ascension claimed that the incident was caused by an “honest mistake”, as the employee assumed that the downloaded file was legitimate.
However, the ransomware attack that followed the download impacted the MyChart electronic health record system, phones, and systems used to order tests, treatments, and drugs. This compromise forced the healthcare firm to take some of its devices offline on May 8 to contain the cyber security event.
The company instructed its employees to keep track of operations and prescriptions on paper because they no longer had electronic access to patient records. Ascension delayed several non-emergent elective operations, tests, and appointments while redirecting emergency medical services to other hospital facilities to avoid triage delays.
Earlier this week, the healthcare institution also revealed that some of its services are still affected and that the healthcare system is still attempting to bring some electronic health record systems, tests, procedures, patient portals, phone systems, and drug ordering systems online.
Ascension revealed that the hackers had stolen files from its networks.
The institution revealed that its initial investigation found evidence that the threat actors obtained access to and stole files from seven of its network’s hundreds of servers.
It claimed that the attackers were able to take files from a small number of file servers used by its associates primarily for daily and routine tasks. These servers represent seven of the approximately 25,000 servers across its network.
However, the firm still believes that some of the stolen files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for certain individuals, though the specific data may differ for each affected individual.
As of now, Ascension claims it has yet to discover evidence that the attackers stole data from its Electronic Health Records (EHR) and other clinical systems, which store the complete patient database.
Therefore, individuals potentially affected by this incident should be wary of unsolicited communications, such as phishing emails, since the threat actors might use the stolen details while they still have them.