Curated Content | Thought Leadership | Technology News

How One Employee’s Honest Mistake Caused a Massive Ransomware Attack

Disrupting operations across the U.S.
Ryan Uliss
Contributing Writer
Download progress status bar.

In May 2024, Ascension, a prominent U.S. healthcare system, experienced a severe ransomware attack that disrupted IT operations across its 140 hospitals. Last week, Ascension announced that they had determined how the hackers initially gained access to their systems: an employee inadvertently downloaded a malicious file, mistaking it for a legitimate one. This common error led to significant operational challenges. The attack affected Ascension’s electronic health records (EHR) system and other critical infrastructure, forcing the healthcare giant to revert to manual processes while addressing the cyber threat.

Ascension mentioned in their statement, “We have no reason to believe this was anything but an honest mistake.” However, the attack has heightened concerns among health system CIOs and CISOs about the persistent vulnerability posed by human error and underscored the critical need for employee cybersecurity education and training.

The healthcare giant has opted to provide complimentary credit monitoring and identity theft protection to any patient or associate who requests it, regardless of whether or not their personal data was compromised in the attack.

Why it matters: This incident is a reminder of the potential for significant operational disruptions and the impact on patient care and safety due to a simple mistake. As cyberattacks on healthcare systems grow increasingly complex and frequent, the need for advancements in both technical defenses and employee education is more crucial than ever.

  • Attack Origin: An Ascension employee accidentally downloaded a malicious file, inadvertently causing a ransomware attack on May 8, 2024. The incident disrupted IT operations across 140 hospitals, forcing a temporary switch to paper records.
  • Data Breach: Hackers accessed and possibly stole files from 7 out of 25,000 servers. While some servers contained Protected Health Information and Personally Identifiable Information, the EHR and other clinical systems were not breached.
  • Impact on Patient Care: Despite the significant disruption, Ascension managed to maintain care by reverting to manual processes to get patients the services or medication they needed, demonstrating the resilience and adaptability of healthcare providers during cyber crises.
  • Historical Context: The attack on Ascension follows a troubling trend in healthcare, as it mirrors a similar ransomware incident involving Change Healthcare earlier in the year, which disrupted operations for hundreds of hospitals and clinics nationwide.

Go Deeper -> A ‘Mistake’ Allowed Hackers into Ascension’s IT System – Becker’s Hospital Review

Ascension Hacked After Employee Downloaded Malicious File – Bleeping Computer

You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Cam (3)
Targeting critical infrastructure.

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.