exclamation

Important notice: To continue serving our valued readers during the postal disruption, complete unrestricted access to the digital edition is available at no extra cost. This will ensure uninterrupted digital access to your copies. Click here to view the digital edition, or learn more.

This is a general view of a sign in front of the main entrance to Ascension St. John Hospital in Detroit May 10, 2023. In a May 9, 2024, statement, Ascension reported it had experienced a suspected cyberattack the day before, causing a disruption to some of the Catholic health care system's services. OSV News photo/Emily Elconin, Reuters

Cyberattack on largest US Catholic health care system part of rising criminal trend

By  Gina Christian, OSV News
  • May 13, 2024

The largest Catholic health care system in the U.S. reported it experienced what it called a "cybersecurity incident" May 8, resulting in "a disruption to clinical operations." The cyberattack is part of a rising and dangerous criminal trend targeting the entire health care sector.

In a May 9 update posted to its website, Ascension said it had "detected unusual activity" in its network systems and was "working around the clock with internal and external advisors to investigate, contain, and restore our systems following a thorough validation and screening process."

The attack rendered unavailable Ascension's electronic health records system, along with "some phone systems, and various systems utilized to order certain tests, procedures and medications," according to the update.

Ascension said it had "temporarily paused" some nonemergency elective procedures, tests and appointments "out of an abundance of caution" while working to "bring systems back online."

"Due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately," Ascension said.

"Safely caring for patients remains our highest priority as we navigate this cybersecurity incident," the health care system added. "We are actively supporting our ministries as they continue to provide safe, patient care with established downtime protocols and procedures, in which our workforce is well trained."

Ascension said it anticipated "utilizing downtime procedures for some time," and advised patients to "bring to their appointment notes on their symptoms and a list of current medications and prescription numbers or the prescription bottles so their care team can call in medication needs to pharmacies."

The health care sector is "particularly vulnerable" to cybersecurity attacks, according to the U.S. Department of Health and Human Services.

A recent HHS strategy report noted that health care facilities "are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions."

Cyberattacks against health care systems are on the rise, according to the HHS, citing a 93% increase from 2018 to 2022.

HHS collaborates with the nation's Cybersecurity and Infrastructure Security Agency and Health Sector Coordinating Council Cybersecurity Working Group to strengthen defenses against such breaches.

The agencies collectively stress the need to be vigilant for attempts to gain unauthorized access to systems, denial of service (DOS) attacks lasting more than 12 hours, malicious code, email or mobile messages associated with phishing attempts, and ransomware targeting critical infrastructure.

Headquartered in St. Louis, the nonprofit Ascension was initially formed as Ascension Health in 1999 by the Daughters of Charity National Health System and the Sisters of St. Joseph Health System, joined by the Carondelet Health System in 2002.

Over the years, a number of health care organizations have joined Ascension, which now operates at more than 2,600 sites in 19 states and the District of Columbia.

Ascension's original sponsoring organizations were the St. Louise Province of the Daughters of Charity of St. Vincent de Paul, the Sisters of St. Joseph of Nazareth (now part of Congregation of St. Joseph), the Congregation of the Sisters of St. Joseph of Carondelet, the Congregation of Alexian Brothers and the Sisters of the Sorrowful Mother.

In 2011, the Vatican approved the creation of a canon law entity known as a "public juridic person" as the sole sponsor of Ascension, assuring the health care system "as a ministry will be sustained and strengthened over time, with both religious and lay persons serving as members," according to Ascension's website.

Please support The Catholic Register

Unlike many media companies, The Catholic Register has never charged readers for access to the news and information on our website. We want to keep our award-winning journalism as widely available as possible. But we need your help.

For more than 125 years, The Register has been a trusted source of faith-based journalism. By making even a small donation you help ensure our future as an important voice in the Catholic Church. If you support the mission of Catholic journalism, please donate today. Thank you.

DONATE