(OSV News) – The nation’s largest Catholic health system reported what it called a “cybersecurity incident” May 8, resulting in “a disruption to medical operations.” A cyberattack is part of a growing and dangerous criminal activity targeting the entire healthcare sector.
In a May 9 update posted to its website, Ascension said it “experienced normal activity” in its online system and was “working around the clock with internal and external consultants to research, secure, and restore our systems after the validation and analysis process.
The attack did not include Ascension’s health care system, including “some cell phones, and various systems used to order certain tests, procedures and medications,” according to with the new one.
Ascension said it has “temporarily paused” some nonemergency voting procedures, tests and elections “out of an abundance of caution” while working to “bring systems back online.”
“Due to low-risk procedures, some hospitals are now available for emergency medical services to ensure that emergency cases are treated quickly,” Ascension said.
“Safety of patients remains our top priority as we manage this cybersecurity incident,” the health system added. “We strongly support our businesses as they continue to provide patient care with downtime protocols and procedures, in which our staff are well trained.”
Ascension said it plans to “use low-cost procedures for a while,” and advised patients to “bring their records of their symptoms and a list of medications current treatment and prescription numbers or prescription bottles so that their care team can call the necessary drugs.
The health care industry is “vulnerable” to cybersecurity attacks, according to the US Department of Health and Human Services.
A recent HHS policy report found that health care facilities “are ideal targets for cybercriminals because of their size, technological dependence, sensitive data, and unique vulnerabilities to threats.”
Cyberattacks against health care systems are on the rise, according to the HHS, which shows a 93% increase from 2018 to 2022.
HHS works with the Cybersecurity and Infrastructure Security Agency and the Health Sector Coordinating Council Cybersecurity Working Group to strengthen defenses against such breaches.
The agencies also emphasize the need to be alert for attempts to gain unauthorized access to systems, denial of service (DOS) attacks lasting more than 12 hours, malicious code, emails or messages email related to phishing attempts, and ransomware targeting critical systems.
Headquartered in St. Louis, the nonprofit Ascension was founded in 1999 by the Daughters of Charity National Health System and the Sisters of St. Joseph Health System, merged with the Carondelet Health System in 2002.
Over the years, several health care organizations have joined Ascension, which operates more than 2,600 sites in 19 states and the District of Columbia.
Ascension’s primary support groups include St. Louise Province of the Daughters of Charity of St. Vincent de Paul, the Sisters of St. Joseph of Nazareth (now part of the Congregation of St. of Carondelet, the Society of the Alexian Brothers and Sisters of the Sorrowful Mother.
In 2011, the Vatican approved the creation of a canon law organization known as “public juridic person” as the sole sponsor of Ascension, guaranteeing the health care system “as a business will continue and strengthen over time, including the religion and the people who serve as members,” according to Ascension’s website.
Gina Christian is a multimedia reporter for OSV News. Follow her on X, Twitter first, at @GinaJesseReina.
The post Cyberattack on the largest Catholic health care system in the area of increasing crime appeared first on OSV News.