Hospital Operator Ascension ‘Making Progress’ to Restore Systems After Cyberattack

Hospital operator Ascension said on Monday that it “worked around the clocked” over the weekend to handle a recent ransomware attack that disrupted operations.

“We are focused on restoring systems safely. We are making progress, however, it will take time to return to normal operations,” said Ascension in a statement on a site dedicated to the incident that also gives regional updates for 11 states. “As systems and services come back online, we will share those updates so that our patients and communities can plan accordingly.”

As one of the largest nonprofit and Catholic U.S. health systems, Ascension has been working to restore systems with the help of cybersecurity firm Mandiant since detecting what it called “unusual activity” on it networks on May 8 that led to a recommendation that business partners disconnect from the Ascension environment. Systems affected by the cyberattack included electronic health records system MyChart, some phone systems, and other systems that allow the ordering of tests, procedures, and medications.

Related: Hospital Operator Ascension Warns of Suspected Cyberattack; Operations Disrupted

Ascension said it notified law enforcement, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the American Hospital Association (AHA).

The cyberattack is the latest against the healthcare industry. Earlier this year, UnitedHealth Group’s Change Healthcare subsidiary was the victim of ransomware that may have led to the exposure of health and personal data of one in three Americans. The incident—likely the largest to hit the healthcare industry—has prompted the Biden administration to consider requiring hospitals to meet minimum cybersecurity standards.