Ascension, one of the biggest private healthcare networks in the US, is confirmed to have suffered a ransomware attack, forcing multiple medical and non-emergency services to be paused.
In a cybersecurity update on Thursday, the St. Louis-based healthcare firm determined the service disruption last Wednesday to be a cyberattack from the Russian-speaking ransomware group Black Basta.
Ascension has already notified all the 140 hospitals and 40 senior living facilities using its services to temporarily disconnect while the company is still trying to restore its servers.
Several digital systems, including phones and various systems "utilized to order certain tests, procedures, and medications," have reportedly been affected by the attack.
It remains unclear if patients' medical records were accessed by the still unidentified hackers. Ascension is currently investigating the "cybersecurity incident" with federal authorities.
The company has already initiated its "downtime procedure" as it diverts its ambulances and emergency operations to other hospitals, while patient appointments are rescheduled.
Ransomware Attacks on Healthcare Firms Becomes More Rampant
The attack on Ascension is only the latest in the growing number of healthcare businesses in North America being targeted for ransomware campaigns.
The World Health Organization earlier noted "inadequate security" systems in many healthcare infrastructures, allowing bad actors to easily infiltrate private medical records.
Just last March, UnitedHealth Group, the biggest medical and healthcare provider in the country, suffered a major ransomware attack that crippled its operations for nearly a week, affecting major pharmacies and hospitals across the US.
A subsequent investigation has found that around one-third of its American customers' private information might have been compromised during the data breach.
UnitedHealth had to pay $22 million to prevent the hackers, BlackCat, from leaking sensitive medical records to the public.
A few weeks after, Canadian pharmacy London Drugs also reported attempted cyberattacks across its British Colombia branches, forcing the company to temporarily shut down its operations.
The WHO advised healthcare firms like Ascension to heighten their "cyber-maturity," including steps towards building stronger defenses on their digital assets and technology against more sophisticated cyberattacks.
US Gov't Urged to Boost Health Sector Cyber Defenses
Amid the attacks, calls for larger federal funding for better protection in the health sector are getting traction in the US government.
The supposed solution is being touted as a way to disrupt potential cyberattacks on healthcare firms and raise cyber awareness on what to do during these incidents.
The calls include plans to establish a "streamlined and efficient process" to help affected health facilities minimize cyberattacks' impact on healthcare operations.
So far, the current administration has proposed a $800 million budget plan to help 2,000 high-need hospitals by 2027 and 2028.
There are more than 6,100 hospitals and 45,311 pharmacies currently operational in the US.
