A programer shows a sample of a ransomware cyberattack on a laptop in Taipei, Taiwan. Ascension health network said Thursday that it responded to a cybersecurity attack and that some of its operations have been disrupted due to remediation. File Photo by Ritchie B. Tongo/EPA
May 9 (UPI) — Major hospital system Ascension on Thursday said it responded to a suspected cybersecurity attack on some of its networks.
According to a release, Ascension, which operates more than 140 hospitals throughout the United States, on Wednesday detected “unusual activity” indicative of a cybersecurity threat.
“We responded immediately, initiated our investigation and activated our remediation efforts,” the statement read. “Access to some systems have been interrupted as this process continues.”
While there has been a disruption to clinical operations, Ascension said its care teams are trained to ensure patient care is affected as little as possible during incidents such as this.
An Ascension spokesperson told NBC 5 Chicago that Illinois clinics were experiencing “some IT service interruptions.”
Ascension operates 150 care sites and 14 hospitals in Illinois and is one of the largest health care providers in the state.
Ascension Saint Agnes Hospital in Baltimore paused emergency department admissions after it said the cyberattack impacted its clinical operations.
Justin Blome, a spokesperson for Saint Agnes, told the Baltimore Sun that EMS workers are diverting patients to neighboring hospitals in the meantime.
Saint Agnes did not give a timeline for when it would receive emergency patients again.
Ascension said Virginia-based cybersecurity firm Mandiant is assisting in the investigation and remediation, and the health system has notified the appropriate authorities.
The company said it is reaching out to business partners to ensure they are aware and can safeguard their own systems.
Ascension is a nonprofit Catholic health care system with about 140 hospitals across the United States. It is just the latest major health system to be affected by a cybersecurity attack.
Earlier this year, Lurie’s Children’s Hospital fell victim to an attack that brought its computer systems down for months. A cyberattack on UnitedHealth Group left many health care providers unable to fill medications or get reimbursed by insurers for months.
The Federal Bureau of Investigation in July 2022 warned that North Korean-backed hackers were targeting American health organizations with ransomware.
An FBI advisory said the hackers were using “Maui” ransomware to attack health care and public health agencies since at least May 2021.
The FBI in June 2022 said it thwarted an Iranian-backed cyberattack against Boston Children’s Hospital the previous summer.
Three Alabama hospitals in 2019 were forced to turn away new and non-emergency patients after a ransomware attack compromised their systems.
A cyber attack on UCLA hospitals in 2015 could have compromised the personal information of up to 4.5 million patients, the organization said at the time.
UCLA Health said it did not have evidence to suggest the patients’ information was actually accessed but that it took the attack “very seriously” and took “significant steps” to prevent a future attack.
