Patient data stolen in Ascension ransomware attack, but EHR restored


Ascension this week made two follow-up announcements around the Black Basta ransomware attack that forced the non-profit healthcare provider to shut down its systems across 142 hospitals and 40 senior facilities in early May and resort to filling out charts on paper.

On June 12 Ascension said attackers stole files that may contain the protected health information (PHI) and personally identifiable information (PII) of patients. Ascension said an employee working in one of its facilities accidentally downloaded a malicious file that they thought was legitimate.

“We have no reason to believe this was anything but an honest mistake,” said the non-profit.

Wednesday’s announcement was followed on June 14 with news that electronic health record access was restored across the Ascension health system. Ascension said this means that clinical workflow in its hospitals and clinics will function similarly to the way it did prior to May’s ransomware attack.

“The Ascension announcement is not a surprise, the Health Sector Coordinating Council identified social engineering as the first attack vector to be concerned about when prioritizing risk remediation,” said Toby Gouker, chief security officer at First Health Advisory, and an SC Media columnist. “I applaud the transparency here, which is not common or required, but goes a long way to support the patients impacted and other entities that should review their systems and processes to prepare for similar outcomes.”

Gouker added that bad actors talk all the time about what works on medical facilities, and we need to share far more on what they are doing and our actions to lessen the impact.

“Phishing, social engineering, and other cyberattacks will continue to happen, even to the best of us because of the asymmetry of the contest,” said Gouker. “What’s crucial is to focus on recovery and building resilience.”

Ashley Leonard, founder and CEO of Syxsense, pointed out that there are two important differences in Ascension’s response versus the response from United Healthcare after the Change Healthcare incident earlier this year.

Leonard said Ascension’s latest posts demonstrated a clear difference in culture. Ascension framed the…
