Skip to main content

Round Two: Another Cyberattack on the Healthcare Sector

May 15, 2024

When the movie Jaws premiered in June of 1975, it caused a sea-change (pun intended) in the way people thought about beach-going. Before the 25-foot great white monster chewed its way into the American consciousness, vacationers were cavalier and nonplussed about hitting the waves and swimming off the shores of Miami, Galveston or Santa Monica. But once the movie hit the theaters, it literally caused a demonstrable change in the minds of many, according to some academic studies. People thought twice about taking a dip at the beach.

Three years after Steven Spielberg’s first blockbuster hit, Jaws 2 was released with one of the most memorable taglines in movie history: “Just when you thought it was safe to go back into the water.” The thinking was that the passage of time would allow the mind to ease back into its previous patterns where safety and security are the norm. Everything is going to be fine—even in five feet of saltwater.

A Scary Sequel

It wasn’t that long ago when the cyberattack against Change Healthcare caused a massive disruption in the hospital and medical sectors. Certain functions, including payment processing, were affected across the payer spectrum. The ripple effect lasted for months, but entities were able to eventually pivot to certain workarounds that helped to ease the crisis over time.

Now, however, just as we are emerging from the detrimental effects of the Change event, comes a new attack. This time, it involves a nation-wide hospital system. Last week, Ascension, which employs approximately 134,000 associates, has 35,000 affiliated providers and 140 hospitals in 19 states, announced that it was hit by a ransomware attack in a statement this past Saturday. The nonprofit health system said it had notified law enforcement and government agencies, including the FBI, the Cybersecurity and Infrastructure Security Agency and the U.S. Department of Health and Human Services (HHS).

Ascension detected “unusual activity” on some technology network systems last Wednesday. It launched remediation efforts, including working with Mandiant, a Google subsidiary and cybersecurity company, to assist with an investigation and determine if data was breached, according to a report in HealthcareDive. Several sources said the type of ransomware used in the attack against Ascension is known as “Black Basta,” which has been repeatedly used to attack healthcare organizations in recent years, according to a report in Pensacola News Journal.

The Extent of Damage

In the wake of the cybersecurity incident, which began on Wednesday and which shut down critical processes, several of the health system’s hospitals began diverting ambulances for emergency services and placing a pause on certain elective services. We also understand that Ascension’s electronic medical record (EMR) system, patient portal and some phone systems were unavailable for at least a day following the attack. In addition, various systems that the health system uses to order certain tests, procedures and medications are also down, according to one of the accounts of this event.

Ascension has not provided any information regarding a potential data breach. According to its website, the health system is still continuing to work with internal and external experts, as well as with law enforcement agencies, to determine the full scope of the attack, including whether any sensitive information was affected.

The Outlook

According to a statement released by an Ascension spokesperson, the company reacted immediately to the attack by initiating an investigation while simultaneously employing remediation efforts. The statement went on to address its current workaround in light of the cyber incident:

It is expected that we will be utilizing downtime procedures for some time. Patients should bring to their appointment notes on their symptoms and a list of current medications and prescription numbers or the prescription bottles so their care team can call in medication needs to pharmacies.

As of Saturday, Ascension did not have a timeline for system restoration. As with the Change cyberattack and other similar attacks in recent months, it would be reasonable to proceed on the assumption that some systems will remain compromised or nonfunctioning for some time in the several hospitals of the Ascension system. So, just when you thought it was back to business as usual, here comes this latest reminder that danger is still out there, it can create a great deal of havoc in its wake, and not everything is serene beneath the surface.

Get the Latest RCM News Delivered

Receive practical tips on medical billing and breaking news on RCM in your inbox.

Get in Touch