June 13, 2024

Patient files stolen in Ascension cyberattack

Editor's Note

Personal patient data could have been compromised in the May 8 cyberattack on Ascension, according to the latest update from the St. Louis-based healthcare system.

Posted June 12, the update reveals that attackers accessed files from seven out of 25,000 file servers used for routine tasks, potentially containing Protected Health Information (PHI) and Personally Identifiable Information (PII). The breach occurred when an employee mistakenly downloaded a malicious file—characterized as an “honest mistake” – and there is no evidence that data from Electronic Health Records (EHR) and other clinical systems were compromised.

The specific data affected and the individuals involved are still under investigation. To provide peace of mind, Ascension is offering free credit monitoring and identity theft protection services to all patients and associates, regardless of whether their data was compromised.

Live chat by BoldChat