- A large organization of health care has disclosed a data violation
- The ascent was also struck by two significant violations in 2024
- The last incident could be linked to the attack on the ransomware CL0P
One of the largest private health systems in the United States, Ascension, informed patients that personally identifiable information (PII), including health data, was stolen in an unexpected attack affecting a former trading partner in December 2024.
The incident follows an earlier ransomware attack in May 2024, in which sensitive data of six million patients, forcing the company to remove offline systems, divert ambulances and suspend elective care in certain places.
“On December 5, 2024, we learned that information on ascent patients may have been involved in a potential security incident. We immediately launched an investigation to determine whether and how a security incident occurred,” confirmed ascent in its violation notification.
Sensitive data exposed
The attackers would have had access to sensitive information, in particular the name, address, number (s), email address, date of birth, race, sex and social security number (SSN), and even clinical information related to the health care of certain patients, according to the individual.
“Our survey determined on January 21, 2025, which Ascension inadvertently disclosed information to a former trading partner, and some of this information was probably stolen from them due to vulnerability in third -party software used by the former trading partner. We have since examined our processes and we have been working to implement improved measures to prevent similar incidents in the future, ”confirmed the company.
This leaves anyone exposed to a serious risk of social engineering or identity theft attacks, especially since the SSNs are involved. To help anyone affected, Ascension offers two years of free identity surveillance services, including credit monitoring, consultation with fraud and the restoration of identity theft.
Although nothing is confirmed on the details of the incident, the moment and description of the incident suggest that this could be linked to the attack on the Ransomware CL0P which abused a defect in the Cleo file transfer software.
The group said that 59 organizations have been affected in the incident, so it is certainly possible that Ascension is part of this list.
Via Bleeping Compompute
