Ascension Confirms Initial Access Vector and Data Theft During a Ransomware Attack

Ascension has reported the theft of files from a few servers during its latest ransomware attack. Some files included personally identifiable information (PII) and protected health information (PHI). The attackers accessed servers that were employed for everyday and regular tasks, and just 7 out of 25,000 servers had been exposed during the attack.

Ascension cannot say at this time what kinds of information were affected or the number of individuals impacted since the files should be carefully checked, but no proof was found that suggests the exposure of electronic medical records or other clinical systems. The evaluation procedure has begun although there are a considerable number of files to assess, so that procedure will probably require some time.

Notification letters will be sent to the impacted persons after the process is complete, therefore Ascension patients will need to wait to learn whether their information was accessed or stolen. The situation that Ascension is facing is not ideal, therefore to assure patients, Ascension has promised to provide credit monitoring and identity theft protection services for free. Those services will be provided to any patient who needs them, though it’s likely that some patients’ data will be later determined as not affected by the attack.

To request those services, patients can contact Ascension’s call center at 1-888-498-8066; Ascension may still be unable to answer queries from patients about whether or not their information was affected until the finalization of data analysis.

All concerned Ascension patients and personnel are encouraged to make use of these services, mentioned by Ascension. However, the offer doesn’t mean that the company has determined that a particular patient’s information was compromised. Instead, it shows the company’s desire to assure all patients and contacts irrespective of any effect to particular persons’ data.

Ascension has likewise reported that a malicious file was the preliminary access vector, which was unknowingly saved by an employee who thought it was a legitimate file. Ascension is pleased that there was no malicious intention and that the incident was an honest blunder. That file gave the attackers a footing in its system, letting them move sideways and employ ransomware for files encryption.

Photo credits : Dall-E / ChatGPT

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

John Blacksmith

John Blacksmith is a journalist with several years experience in both print and online publications. John has specialised in Information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism.