Ascension hack forces health system to pause elective procedures. Here's the latest

Brandon Girod, Pensacola News Journal
Updated ·4 min read

It's been two days since Ascension announced that its systems were hit by a cyberattack, leaving hospitals across the United States to rely on downtime procedures while it worked to assess the impact.

Ascension, the largest non-profit Catholic health system in the U.S., provided a short update Thursday evening that provided more details on the current status of its systems and what patients should be aware of while it continues its investigation.

Here's what you should know about the Ascension cyberattack.

Ascension is pausing 'non-emergent elective procedures, tests and appointments'

In its most recent statement, Ascension announced that it was pausing "non-emergent elective procedures, tests and appoints" due to the cyberattack.

"We are working around the clock with internal and external advisors to investigate, contain, and restore our systems following a thorough validation and screening process," the statement said.

Ascension pauses elective procedures: Ascension cyberattack forces hospitals to pause some elective procedures and appointments

Ascension said it was pausing some procedures and appointments "out of an abundance of caution."

"Our teams are working directly with any patient whose appointment or procedure will need to be rescheduled," the statement said. "We understand the frustration this may cause and sincerely regret any inconvenience to our patients."

Ascension has no timeline for when their systems will be up again

Ascension is still assessing the impact and duration of the disruption.

"Our investigation and restoration work will take time to complete, and we do not have a timeline for completion," said an Ascension spokesperson.

Anyone interested in following updates directly from Ascension can visit this link.

When was Ascension hacked?

The cyberattack at Ascension happened early Wednesday morning. According to the Detroit Free Press, employees began noticing interruptions around 7 a.m.

How many people are impacted by the Ascension cyberattack?

We don't know the extent of who is impacted by the cyberattack as Ascension continues to work with internal and external advisors to investigate the impacts.

News outlets in Wisconsin, Texas, Oklahoma, Indiana, Michigan and Florida have confirmed that area Ascension hospitals were facing the same disruptions.

Was there a patient data breach in the Ascension cyberattack?

Ascension has not provided any information about a possible data breach. In a statement posted to its website Thursday morning, investigations are still ongoing. If a data breach is discovered, the company said it would notify and support anyone impacted "in accordance with all relevant regulatory and legal guidelines."

Ascension cyberattack: Ascension Sacred Heart Hospital facing disruptions after cyberattack

How are Ascension systems impacted by the cyberattack?

In its latest update, Ascension said that it was working with its ministries to "continue to provide safe, patient care with established downtime protocols and procedures." Hospitals are expected to use downtime procedures for some time.

"Systems that are currently unavailable include our electronic health records system, MyChart (which enables patients to view their medical records and communicate with their providers), some phone systems, and various systems utilized to order certain tests, procedures and medications," said an Ascension spokesperson.

"We have implemented established protocols and procedures to address these particular system disruptions in order to continue to provide safe care to patients."

Several Ascension hospitals are also diverting emergency medical services.

What should Ascension patients do in the meantime?

Patients being treated at Ascension hospitals should bring notes on their symptoms and a list of their medications and prescription numbers with them to any appointments so their care team can call in needed medication to pharmacies.

What is Ascension doing to combat the cyberattack?

According to its statement, Ascension immediately reacted to the cyberattack and partnered with Mandiant, a cybersecurity firm and Google subsidiary, to assist in the investigation and remediation process.

Who is responsible for the Ascension cyberattack?

There has been no official confirmation on who carried out the cyberattack on Ascension, but CNN has reported that four sources briefed on the investigation said it was a ransomware attack. The sources said the type of ransomware used is known as "Black Basta," which is a type of ransomware that has been repeatedly used to attack health care organizations in recent years.

How many Ascension hospitals are there in Florida?

  • Ascension Sacred Heart Pensacola, 5151 N. Ninth Ave., Pensacola, FL

  • Ascension Sacred Heart Hospital Emerald Coast, 2300 Mack Bayou Loop #11, Santa Rosa Beach, FL

  • Ascension Sacred Heart Bay, 615 Bonita Ave. A, Panama City, FL

  • Ascension Sacred Heart Hospital Gulf, 3801 U.S. 98, Port St. Joe, FL

  • Ascension St. Vincent's Clay County, 1670 St. Vincents Way, Middleburg, FL

  • Ascension St. Vincent's St. Johns County, 205 Trinity Way, St. Johns, FL

  • Ascension St. Vincent's Southside Hospital, 4201 Belfort Road, Jacksonville, FL

  • Ascension St. Vincent's Riverside Hospital, 1 Shircliff Way, Jacksonville, FL

How many Ascension hospitals are there in the U.S.?

Ascension employs approximately 134,000 associates, has 35,000 affiliated providers and 140 hospitals.

This article originally appeared on Pensacola News Journal: Ascension cyberattack pauses elective procedures. Here's what we know