The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living facilities in 19 states. Ascension confirmed that it has been hit by a cybersecurity attack and that the attack has disrupted its clinical operations. Ascension detected the attack on May 8, 2024, and is in the process of investigating and responding to it.
The attack has reportedly affected clinical operations in Florida, Indiana, Michigan, Oklahoma, Texas, and Wisconsin. Ascension recommends that its business partners contact its IT professionals to determine whether any connections to Ascension systems are at risk.
Unfortunately, threat actors continue to attack health care entities, and the pace does not appear to be abating. As a result, it is important for health care entities to prepare for an incident by implementing an incident response plan, frequent testing of the plan, testing contingent operations and disaster recovery plans, and conducting tabletop exercises to prepare for attacks.