Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Ascension discloses new data breach after third-party hacking incident

Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. Even though the breach notifications didn't include any information regarding the total number of patients who had their data exposed in this breach, the healthcare system said in an April 28 filing with Massachusetts' Office of the Attorney General that 96 MA residents were affected and had their medical records and SSNs exposed in the incident. While the company didn't share any additional details regarding the breach impacting its former business partner, the timeline of the breach implies the attack was part of a series of Clop ransomware data theft attacks that exploited a zero-day flaw in Cleo secure file transfer software. Last year, Ascension notified nearly 5.6 million patients and employees that their personal and health data had been stolen in a May 2024 Black Basta ransomware attack. Ascension now offers two years of free identity monitoring services, including credit monitoring, fraud consultation, and identity theft restoration to those affected by this data breach. We immediately initiated an investigation to determine whether and how a security incident occurred," Ascension says in data breach notifications sent to affected individuals. Depending on the impacted patient, the attackers gained access to a combination of personal information, including name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers (SSNs). They could also access personal health information related to inpatient visits, including the physician's name, admission and discharge dates, diagnosis and billing codes, medical record number, and insurance company name. After the incident, Ascension revealed that the ransomware breach resulted from an employee who downloaded a malicious file onto a company device. "On December 5, 2024, we learned that Ascension patient information may have been involved in a potential security incident.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 30 Apr 2025 13:25:27 +0000

Cyber News related to Ascension discloses new data breach after third-party hacking incident

Ascension Cyber Attack Leaves Healthcare Sector Reeling - On May 9, Ascension, the largest nonprofit and Catholic health system in the United States, announced that it fell victim to a major cyber attack. The attack on Ascension is different since it directly impacts clinical operations across multiple ...
1 year ago Securityboulevard.com Black Basta

Ascension discloses new data breach after third-party hacking incident - Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. Even ...
4 months ago Bleepingcomputer.com Black Basta

Ascension says recent data breach affects over 430,000 patients - As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted a former business partner in December. While Ascension didn't reveal the total number of ...
3 months ago Bleepingcomputer.com Black Basta

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
11 months ago Aws.amazon.com

Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US - In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to ...
1 year ago Cysecurity.news Black Basta

What is digital forensics and incident response? - Digital forensics and incident response is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events. As the acronym implies, DFIR integrates digital forensics and incident ...
1 year ago Techtarget.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com

Incident Response Plan: How to Build, Examples, Template - A strong incident response plan - guidance that dictates what to do in the event of a security incident - is vital to ensure organizations can recover from an attack or other cybersecurity event and minimize potential disruption to company ...
1 year ago Techtarget.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com

New Microsoft Incident Response team guide shares best practices for security teams and leaders - The incident response process can be a maze that security professionals must quickly learn to navigate-which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan, and even fewer consistently apply it. ...
1 year ago Microsoft.com

Ascension Healthcare Hacked via Third-party Business Partner - Ascension Healthcare, one of the largest private healthcare systems in the United States, has disclosed a significant data breach after sensitive patient information was compromised through a third-party business partner. The incident, which affects ...
4 months ago Cybersecuritynews.com

How to Conduct Incident Response Tabletop Exercises - An incident response tabletop exercise is an activity that involves testing the processes outlined in an incident response plan. Attack simulations are run to ensure incident response team members know their roles and responsibilities - and whether ...
1 year ago Techtarget.com

Fidelity Faces Second Data Breach Linked to Third-Party Provider: Infosys McCamish - Fidelity Investments Life Insurance Company faces another data breach challenge as it discloses a breach affecting a significant number of individuals. The breach, linked to third-party service provider Infosys McCamish, heightens worries over data ...
1 year ago Cysecurity.news

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
2 months ago Cybersecuritynews.com

Ascension suffers Cyber Attack - Ascension, a provider of services related to hospital care and senior living facilities, has released an official statement acknowledging a cyber-attack on its IT network. The exact nature of the incident has yet to be disclosed, but unofficial ...
1 year ago Cybersecurity-insiders.com Ransomhub

AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
1 year ago Jdsupra.com

4 key steps to building an incident response plan - In this Help Net Security interview, Mike Toole, head of security and IT at Blumira, discusses the components of an effective security incident response strategy and how they work together to ensure organizations can address cybersecurity issues. An ...
1 year ago Helpnetsecurity.com

EasyPark discloses data breach that may impact millions of users - Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. EasyPark is a Swedish company that creates mobile and web apps ...
1 year ago Bleepingcomputer.com

Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com

Neurosurgeons of New Jersey Confirms Cyber Attack Resulting in Recent Data Breach - On December 4, 2023, Neurosurgical Associates of New Jersey filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering. In this notice, Neurosurgeons of New Jersey explains that an ...
1 year ago Jdsupra.com

Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
1 year ago Jdsupra.com

Crum & Forster Notifies Nearly 14k Consumers of Recent Data Breach Leaking Their SSNs - On October 9, 2023, Crum & Forster filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access the company's computer network. In this notice, Crum & Forster explains that the ...
1 year ago Jdsupra.com

Citrin Cooperman Advisors Files Notice of Data Breach Following Cyberattack - On November 6, 2023, Citrin Cooperman Advisors LLC filed a notice of data breach with the Attorney General of Vermont after discovering a recent cyberattack targeting the company's computer network. In this notice, Citrin Cooperman explains that the ...
1 year ago Jdsupra.com

ProcessUnity Introduces Industry's All-In-One Third-Party Risk Management Platform - PRESS RELEASE. BOSTON-(BUSINESS WIRE)- ProcessUnity, provider of comprehensive end-to-end third-party risk management and cybersecurity solutions to leading enterprises, today announced the completed integration of the Global Risk Exchange. The newly ...
1 year ago Darkreading.com

Prudential Financial data breach impacted over 2.5M individuals - Prudential Financial data breach impacted over 2.5 million individuals. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
1 year ago Securityaffairs.com Cactus Ransomhub