CyberSecurityBoard
Sponsor Register Login

Ascension says recent data breach affects over 430,000 patients

As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted a former business partner in December. While Ascension didn't reveal the total number of affected individuals at the time, an April 29 filing said that the incident impacted 114,692 individuals in Texas, and the company also told Massachusetts' Office of the Attorney General that 96 residents had their medical records and SSNs exposed in the incident. Although Ascension didn't share any details regarding the breach affecting its former business partner, the timeline of the breach implies that the attack was part of widespread Clop ransomware data theft attacks that exploited a zero-day flaw in Cleo secure file transfer software. Last year, Ascension also notified almost 5.6 million patients and employees that their personal, financial, insurance, and health information had been stolen in a May 2024 Black Basta ransomware attack. Ascension, one of the largest private healthcare systems in the United States, has revealed that a data breach disclosed last month affects the personal and healthcare information of over 430,000 patients. Depending on the impacted patient, the attackers could access personal health information related to inpatient visits, including the physician's name, admission and discharge dates, diagnosis and billing codes, medical record number, and insurance company name. However, the healthcare giant also disclosed in an April 28 filing with the U.S. Department of Health & Human Services (HHS) that wasn't published until today that the data breach affected 437,329 individuals. ​Ascension offers two years of free identity monitoring services to those impacted by this incident, including credit monitoring, fraud consultation, and identity theft restoration. "On December 5, 2024, we learned that Ascension patient information may have been involved in a potential security incident. After the incident, the healthcare organization revealed that the ransomware breach resulted from an employee downloading a malicious file onto a company device. They could also gain access to personal information, including name, address, phone number(s), email address, date of birth, race, gender, and Social Security numbers (SSNs). Ascension also had to pause some non-emergent elective procedures, tests, and appointments and redirect emergency medical services to unaffected healthcare units to prevent triage delays.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 09 May 2025 18:50:06 +0000


Cyber News related to Ascension says recent data breach affects over 430,000 patients

Ascension Cyber Attack Leaves Healthcare Sector Reeling - On May 9, Ascension, the largest nonprofit and Catholic health system in the United States, announced that it fell victim to a major cyber attack. The attack on Ascension is different since it directly impacts clinical operations across multiple ...
11 months ago Securityboulevard.com Black Basta
Ascension says recent data breach affects over 430,000 patients - As Ascension revealed in breach notification letters sent to affected individuals in April, their information was stolen in a data theft attack that impacted a former business partner in December. While Ascension didn't reveal the total number of ...
1 week ago Bleepingcomputer.com Black Basta
Health Care Network in Crisis: Cyberattack Shuts Down Operations Across US - In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to ...
1 year ago Cysecurity.news Black Basta
Ascension discloses new data breach after third-party hacking incident - ​Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. Even ...
3 weeks ago Bleepingcomputer.com Black Basta
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
7 months ago Aws.amazon.com
Nurses at Ascension hospital in Michigan raise alarms about safety following ransomware attack - A nurses union in Michigan is demanding the implementation of safety precautions following weeks of chaos due to a ransomware attack on Catholic hospital network Ascension. In a petition directed at Ascension CEO Joseph Impicciche and several other ...
11 months ago Therecord.media
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com
Integris Health patients get extortion emails after cyberattack - Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. Integris ...
1 year ago Bleepingcomputer.com Hunters
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com
Ascension Healthcare Hacked via Third-party Business Partner - Ascension Healthcare, one of the largest private healthcare systems in the United States, has disclosed a significant data breach after sensitive patient information was compromised through a third-party business partner. The incident, which affects ...
3 weeks ago Cybersecuritynews.com
1 million Corewell Health patients could be impacted by second data breach - GRAND RAPIDS, MI - About one million Corewell Health patients in southeast Michigan may have had their personal and medical information exposed in yet another nationwide data breach. Michigan Attorney General Dana Nessel on Tuesday, Dec. 26, ...
1 year ago Mlive.com
PJ&A says cyberattack exposed data of nearly 9 million patients - PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. PJ&A provides medical transcription services to healthcare organizations in the United States. The company said the threat actors ...
1 year ago Bleepingcomputer.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds - Joe Sullivan arrived at his sentencing hearing on May 4 this year, prepared to go to jail had the judge not gone with a parole board's recommendation of probation. A federal jury convicted the former Uber CISO months earlier on two charges of fraud ...
1 year ago Darkreading.com
Ascension suffers Cyber Attack - Ascension, a provider of services related to hospital care and senior living facilities, has released an official statement acknowledging a cyber-attack on its IT network. The exact nature of the incident has yet to be disclosed, but unofficial ...
1 year ago Cybersecurity-insiders.com Ransomhub
Healthcare software provider data breach impacts 2.7 million - ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack. According to the notification, the ...
1 year ago Bleepingcomputer.com
Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
1 year ago Jdsupra.com
Ransomware gang behind threats to Fred Hutch cancer patients - The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center that resulted in patients receiving personalized extortion threats. Fred Hutch is a Seattle-based cancer research and patient care and ...
1 year ago Bleepingcomputer.com Hunters
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com CVE-2023-34362
Data breach debacle hits yet another UK public sector org The Register - More than 22,000 patients of Cambridge University Hospitals NHS Foundation Trust were hit by data leaks that took place between 2020 and 2021. In both cases, it was an own goal when the org handed over the data itself while responding to requests ...
1 year ago Go.theregister.com
Console & Associates, P.C.: ESO Solutions Notifies 2.7M of Data Breach - PRESS RELEASE. MARLTON, N.J., Dec. 20, 2023 /PRNewswire/ - Approximately 2.7 million patients are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party gained access to ESO ...
1 year ago Darkreading.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
1 year ago Securityboulevard.com
Ardent hospital ERs disrupted in 6 states after ransomware attack - Ardent Health Services, a healthcare provider operating 30 hospitals across six U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday. It had to take its entire network offline, notify law enforcement, and hire ...
1 year ago Bleepingcomputer.com
Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com CVE-2023-34362
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)