Ascension Claims Employee Unintentionally Clicked on Malware File, Causing Cyberattack in May

By Trisha Andrada

Jun 14, 2024 12:18 AM EDT

cyberattack
Ascension said the May ransomware attack was triggered by an employee who mistakenly downloaded a malicious file. (Photo : Tima Miroshnichenko / Pexels)

Ascension, one of the largest private healthcare systems in the United States, said that an employee who accidentally downloaded a malicious file caused the ransomware assault in May, rendering their computer systems inoperable.

Ascension disabled electronic patient data access for its hospitals after discovering a breach that crippled its systems on May 8. But according to their website, the facilities in Alabama, Florida, Illinois, Indiana, Kansas, Oklahoma, Texas, and Wisconsin have had access restored as of this week.

'Honest Mistake'

Ascension said on Wednesday, June 12, that it has tracked down the source of the ransomware assault.

According to AL.com, a representative from the health institution said one of their employees accidentally clicked and downloaded a malicious file that they thought was legitimate. "We have no reason to believe this was anything but an honest mistake," the spokesperson stated.

Officials from Ascension have stated that there is proof that hackers gained access to data from seven of the network's approximately 25,000 servers. While each person's data is unique, they said those files may include protected health information and personally- identifiable information.

The representative added that based on their investigation, hackers could steal files from a limited number of file servers that their associates use for daily and routine tasks.

READ NEXT: US Pharma Giant Cencora Confirms Data Breach, Says Americans' Personal and Health Information Stolen

Ongoing Inquiry

Until the inquiry is complete, Ascension will have no idea what data was collected and cannot provide a completion date for the investigation.

The representative acknowledged that the procedure had been started but warned that it would be lengthy.

Meanwhile, free credit monitoring and identity theft protection services are available to any Ascension patient or associate who requests them.

To sign up for the services, interested parties are urged to contact Ascension's specialized call center at 1-888-498-8066.

READ MORE: US Water Utilities Targeted by Cyberattacks; EPA Warns Cyberbreaches Becoming More Severe, Frequent

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics