Ascension, a prominent healthcare provider, has made significant progress in its investigation and recovery efforts in response to a recent cybersecurity breach. The company, in collaboration with third-party cybersecurity experts, has determined that attackers gained access to files from a small number of servers primarily used for daily tasks. These compromised servers make up only seven out of the 25,000 servers within Ascension’s network. It is suspected that some of the files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for specific individuals, although the extent of the data affected may vary for each person.

The cause of the breach has been traced back to an employee who mistakenly downloaded a malicious file, believing it to be legitimate. Ascension has clarified that this action was unintentional and not a deliberate act. Fortunately, there is no evidence to suggest that data was extracted from the company’s Electronic Health Records (EHR) and other clinical systems, which securely house full patient records. The company is currently engaged in a comprehensive review of the potentially impacted files, a process that will require substantial time to complete.

In an effort to provide reassurance to patients and associates, Ascension is offering complimentary credit monitoring and identity theft protection services to anyone who requests them. This service is available to all Ascension patients and associates, irrespective of whether their data was involved in the breach. Individuals interested in enrolling in these services can reach out to the dedicated call center at 1-888-498-8066. Ascension has affirmed that this offering is a preemptive measure aimed at comforting its community and does not indicate that any particular individual’s data has been compromised. The company is committed to transparency and will notify affected individuals and regulatory authorities once the data analysis is finalized.

Ascension acknowledges the disruption and concern caused by this incident and is dedicated to addressing the situation earnestly. The company regrets any inconvenience experienced by patients and associates and is working diligently to resolve the matter. As the investigation continues, Ascension remains vigilant in safeguarding the privacy and security of its data and is taking proactive steps to enhance its cybersecurity measures.

Overall, Ascension’s response to the cybersecurity breach demonstrates its commitment to protecting patient information and maintaining trust within its community. By working with cybersecurity experts, offering support services, and prioritizing transparency, Ascension is taking essential steps towards resolving the breach and ensuring the ongoing security of its systems.

Source link