Tech News

Ascension Says 5.6 Million People Were Affected In Medical Data Breach 

Ascension

Ascension, a hospital operator, informed Maine’s state attorney general on Friday that a ransomware attack earlier this year had impacted about 5.6 million people.

TakeAway Points:

  • Hospital operator Ascension told Maine’s state attorney general on Friday that nearly 5.6 million people were affected in a ransomware attack that hit it earlier this year.
  • According to the company, an unknown quantity of medical data was exposed, including lab results, insurance information, and patient medical records.
  • The Ukrainian government stated Friday that although online services for marriages and other affairs were shut down due to a Russian assault on the country’s justice ministry records, no data appeared to have been stolen or released.

US hospital operator Ascension says 5.6 million affected by a medical data breach in May

The company said an unspecified amount of medical data, including patients’ medical records, lab tests, and insurance information, was compromised.

Cybercriminals use ransomware to paralyze computer networks and extort a payment, typically in cryptocurrency. Many also steal data for added leverage.

Hospitals and healthcare providers – whose data is particularly sensitive and whose operations are especially critical – have regularly been targeted.

In a letter to the attorney general, Ascension’s lawyer said the incident happened on May 7 and 8 and blamed it on a “cybercriminal”, whom the company did not identify. Ascension did not immediately return a message seeking further comment.

The hack disrupted clinical operations, as reported at the time.

Founded as a Catholic nonprofit in 1999, the Ascension network has about 134,000 associates, 35,000 affiliated providers and 140 hospitals, serving 19 states and the District of Columbia.

This year, a particularly damaging intrusion at UnitedHealth affected the information of 100 million people.

Ukraine says Russian cyberattack hits state registries but no data lost

A Russian cyberattack on Ukraine’s justice ministry registries caused a shutdown of online services for marriages and other matters, but no data appears to have been leaked or stolen, the Ukrainian government said on Friday.

Russia took several months to prepare the cyberattack, which was the largest to target Ukraine’s state registries in recent times, Deputy Prime Minister Olha Stefanishyna, who is also justice minister, told reporters at a briefing in Kyiv.

Online services to register matters like marriages, cars, births, or a change of residence in Ukraine were suspended, the government service platform said.

The attack sought to “instill panic among Ukrainian citizens and those abroad,” Stefanishyna said.

The Ukrainian security service’s cyber department said their main line of investigation was that a hacker group affiliated with Russian military intelligence (GRU) was behind the attack. There was no comment from Russia.

“Data leakage is not confirmed as of now… At this stage, all registries are suspended for security purposes,” Stefanishyna said.

All the data would restored, she added. It could take up to two weeks to restore basic services, she said.

However, as of Friday afternoon, the ministry’s website said it was undergoing “technical maintenance”.

Both Russia and Ukraine have been hit by cyberattacks on their infrastructure during their 33-month-long war. Ukraine’s biggest mobile network operator was attacked last December.

Comments
To Top

Pin It on Pinterest

Share This