Healthcare industry giant Ascension has broken the silence and revealed more sensitive information concerning the recent hack in June. Through a worker opening a suspicious file without even knowing the malware was actually very harmful to download, it gave room for hackers into their network exposing patient information, among others.
During the past months, the healthcare system has worked with experts in cybersecurity to analyze how the breach affected them and the amount of patient and employee data that was taken. Since the investigation has been concluded, Ascension has informed the public regarding the data stolen and measures undertaken to safeguard the victims.
The investigation established that several kinds of personal information were accessed during the breach. Though the specifics vary for each individual, the leaked information may include:
- Medical Records: Medical record numbers, service dates, types of lab tests, and procedure codes.
- Financial Data: Credit card numbers, bank account information, and insurance details such as Medicaid and Medicare IDs.
- Government Identifications: Social Security numbers and other governmental IDs.
Ascension has come out to clarify that their main Electronic Health Records, which hold extensive patient's medical histories, were unaffected. This means that those operations that are considered most core in healthcare, such as viewing patient records and prescribing drug therapies, remain safe and unimpeded.
How Ascension is Reacting
To make amends for the breach, Ascension is offering free credit monitoring and identity protection services to anyone affected. Those affected will be sent formal notification letters within the next two to three weeks, which will detail step-by-step instructions to enroll in protection services so those affected may protect themselves from potential misuse of their data.
The credit monitoring service will be offered for two years and can be used to track suspicious activity regarding an individual's personal information. Ascension also informed those who had already enrolled in protection services after the initial breach that they could continue coverage without any interruption.
If you receive a notification, enrolling in the complimentary identity protection services is crucial. For assistance, you can visit Ascension’s website or contact their support line at (866) 724-3233 during business hours.
Additionally, Ascension advises practicing general security measures, such as monitoring bank statements and staying alert for unusual activity. These steps can help minimize potential risks.
Ascension acknowledged the hurdle caused by the cyberattack and gave thanks to its patients, employees, and clinicians for their continued support. The organization highlighted its ability to persevere with such a team, and it assured the community that utmost care will be taken in protecting the information of its patients in the future.
