ST. LOUIS, Mo. – Another major U.S. healthcare system has become the victim of a ransomware attack. Officials at Ascension — which is one of the largest private healthcare systems in the nation with a network of 140 hospitals in 19 states – said they first detected unusual activity on their network on May 8, reports KUT.
“Black Basta” is the type of ransomware used in the attack and has been used in other attacks on other healthcare organizations in recent years.
The attack on Ascension forced some of its hospitals to divert ambulances and resort to paper record keeping, reports CNN.
Nurses and doctors are saying the lack of access to online patient medical records is affecting patient safety, reports Michigan Public Radio. Clinicians at several of Ascension’s hospitals in Michigan said they can’t access patient histories, medications, allergies, and real-time test results. Staff said patients are going into elective surgeries before all of their lab results are back, but the volume of elective surgeries hasn’t decreased.
Nurses interviewed by MPR said they are concerned they will make medication errors because of the disruption. They fear they could lose their licenses or worse, injure or even kill a patient because they don’t have the correct information.
In a written statement, Ascension said patient safety is its “utmost priority” and urged patients to continue to show up for their appointments unless told otherwise.
Ascension Ransomware Breach Is Just the Latest to Impact Healthcare
Ascension’s cybersecurity issues are just the latest to befall a major U.S. healthcare organization. In February, Change Healthcare experienced a massive ransomware attack. The attack led to the limiting of patient care in some cases and billions of dollars worth of disrupted payments. It also likely leaked the personal data of up to one in three Americans, reports Fast Company.
In response to the spate of ransomware attacks on U.S. healthcare organizations, the federal government is investing $50 million to protect internet-connected hospital equipment from future attacks. The name of the program is “Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE).”