Catholic health system Ascension warns of disruptions following cyberattack

One of the largest Catholic health systems in the U.S. is dealing with a disruption to its clinical operations following a cyberattack detected on Wednesday. 

Ascension, a nonprofit organization that runs 140 hospitals across 19 states, published a notice saying it discovered unusual activity on network systems and immediately began an investigation, hiring Mandiant and notifying law enforcement soon after. 

“Access to some systems have been interrupted as this process continues. Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible,” the organization said, noting that they are still assessing the impact of the incident and the potential duration of the outage. 

The statement adds that they are trying to identify what, if any, data was stolen during the attack.

Ascension urged its business partners to temporarily suspend connections to their technological environment. The company did not respond to requests for more information.. 

According to the organization, it provided $2.2 billion in care for those living in poverty in 2023 and has more than 35,000 affiliated providers. It also runs 40 senior living facilities.

“We will inform partners when it is appropriate to reconnect into our environment. This is an ongoing situation and we will provide updates as we learn more,” the organization said. 

The attack is yet another incident affecting a prominent healthcare system.

A ransomware attack on Prospect Medical Holdings last August affected dozens of hospitals and prompted intervention by the FBI and other federal agencies. The issue has also impacted hundreds of hospitals and medical facilities worldwide. 

There has been increased scrutiny around cybersecurity in the healthcare industry since a ransomware attack on UnitedHealth Group’s Change Healthcare severely damaged a system used by most hospitals and pharmacies across the U.S.  

The American Hospital Association argued in a letter two weeks ago that Congress should “call on federal agencies to protect hospitals and health systems — and the patients they care for — by deploying a strong and sustained offensive cyber strategy to combat this ongoing and unresolved national security threat.”