Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. Even though the breach notifications didn't include any information regarding the total number of patients who had their data exposed in this breach, the healthcare system said in an April 28 filing with Massachusetts' Office of the Attorney General that 96 MA residents were affected and had their medical records and SSNs exposed in the incident. While the company didn't share any additional details regarding the breach impacting its former business partner, the timeline of the breach implies the attack was part of a series of Clop ransomware data theft attacks that exploited a zero-day flaw in Cleo secure file transfer software. Last year, Ascension notified nearly 5.6 million patients and employees that their personal and health data had been stolen in a May 2024 Black Basta ransomware attack. Ascension now offers two years of free identity monitoring services, including credit monitoring, fraud consultation, and identity theft restoration to those affected by this data breach. We immediately initiated an investigation to determine whether and how a security incident occurred," Ascension says in data breach notifications sent to affected individuals. Depending on the impacted patient, the attackers gained access to a combination of personal information, including name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers (SSNs). They could also access personal health information related to inpatient visits, including the physician's name, admission and discharge dates, diagnosis and billing codes, medical record number, and insurance company name. After the incident, Ascension revealed that the ransomware breach resulted from an employee who downloaded a malicious file onto a company device. "On December 5, 2024, we learned that Ascension patient information may have been involved in a potential security incident.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 30 Apr 2025 13:25:27 +0000