Tim Stanley
Tulsa World Staff Writer
A recent cyberattack on the Ascension health care system was the result of a malicious file being accidentally downloaded by an employee, the company said Thursday, adding that investigators now believe that only seven of the network’s some 25,000 servers were affected.
The ransomware attack, which affected Ascension’s St. John Health System in Oklahoma and its systems in other states, was discovered May 8, with Tulsa’s Ascension St. John emergency room being placed on divert status for about a week.
Ascension announced June 7 that its Oklahoma hospitals’ electronic health records system was finally back online.
“We now have evidence,” an Ascension spokesperson said Thursday, “that indicates that the attackers were able to take files from a small number of file servers used by our associates primarily for daily and routine tasks. These servers represent seven of the approximately 25,000 servers across our network.
People are also reading…
“Though we are still investigating, we believe some of those files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for certain individuals …. Importantly, we have no evidence that data was taken from our Electronic Health Records (EHR) and other clinical systems, where our full patient records are securely stored.”
Ascension, which is being helped in the investigation by third-party cybersecurity experts, said the employee who downloaded the malicious file believed it was legitimate.
“We have no reason to believe this was anything but an honest mistake,” officials said.
Ascension said determining what data was potentially affected and for which patients is a “significant undertaking” that will take time.
“In the meantime, to provide our patients and associates with the greatest peace of mind possible, we are offering complimentary credit monitoring and identity theft protection services to any Ascension patient or associate who requests it, free of charge, and regardless of whether we determine in the future that their data was actually involved in this incident.”
Individuals who wish to enroll in free credit monitoring and identity theft protection services are encouraged to call Ascension’s dedicated call center at 1-888-498-8066.
The company added: “We want to be clear, however, that this offer does not mean we have determined that any specific individual patient’s data has been compromised. Rather, it illustrates our desire to do everything possible to reassure our patients and associates, regardless of any impact to specific individuals’ data.”
The Tulsa World is where your story lives
The Tulsa World newsroom is committed to covering this community with curiosity, tenacity and depth. Our passion for telling the story of Tulsa remains unwavering. Because your story is our story. Thank you to our subscribers who support local journalism. Join them with limited-time offers at tulsaworld.com/story.
