On May 8, 2024, Ascension, a nonprofit and Catholic health system “detected unusual activity on select technology network systems,” according to an Ascension spokesperson. This unusual activity was later determined to be a ransomware attack. With 140 hospitals across 19 U.S. states and Washington D.C., Ascension is one of the nation’s largest health systems. According to a May 9 update from Ascension, the systems that are unavailable include: Other systems that are offline include those used to “order certain tests, procedures, and medications.” The Ascension website does not call out any systems that have been restored as of publication.
The interruptions have made it difficult for patients to access portals and contact their healthcare providers. “Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible,” said an Ascension spokesperson in a May 9 update. According to NPR, Ascension has returned to paper-based and manual methods of charting and ordering medications and labs, which has been a blast from the past and disorganized and messy at times. The healthcare organization has been working with various cybersecurity experts, such as Mandiant, Palo Alto Networks Unit 42, and CYPFER, as well as government agencies like the FBI, Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of Health and Human Services (HHS), the American Hospital Association (AHA), and the Health Information Sharing and Analysis Center (H-ISAC). Resource: For more information on the Ascension ransomware attack, visit the update website.