Ascension Healthcare, one of the largest private healthcare systems in the United States, has disclosed a significant data breach after sensitive patient information was compromised through a third-party business partner. The incident, which affects care sites in Alabama, Michigan, Indiana, Tennessee, and Texas, has put thousands of patients on alert and reignited concerns over healthcare data security. The breach was first detected on December 5, 2024, when Ascension learned that patient data may have been involved in a security incident. Some of this data was likely stolen from the partner due to a vulnerability in third-party software used by the partner-not within Ascension’s own systems or electronic health records. While the exact number of affected patients has not been disclosed, at least 96 residents of Massachusetts had their medical records and Social Security numbers exposed. This breach follows a series of high-profile cyberattacks on healthcare providers, highlighting the persistent risks posed by third-party vendors and software vulnerabilities. The healthcare system is offering two years of complimentary identity monitoring and credit protection services through Kroll to those impacted. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. An immediate investigation was launched, and by January 21, 2025, it was determined that Ascension had inadvertently disclosed information to a former business partner.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 30 Apr 2025 13:55:07 +0000