Major U.S. healthcare system Ascension Health had data from more than 5.599 million patients and employees compromised in a cyberattack earlier this year, which was attributed to the Black Basta ransomware-as-a-service operation, Cybernews reports.
Infiltration of Ascension's systems on Feb. 29 enabled threat actors to steal individuals' medical information, insurance and payment details, and government identification data, in addition to personal details, said Ascension in an updated filing with the Office of the Maine Attorney General. "Although patient data was involved, importantly, there remains no evidence that data was taken from our Electronic Health Records (EHR) and other clinical systems, where our full patient records are securely stored," added Ascension, which also noted the total restoration of all systems affected by the incident. Initial disclosure of the Black Basta attack against Ascension in May had prompted the Cybersecurity and Infrastructure Security Agency, the FBI, and other federal agencies to unveil joint guidance recommending safeguards against the ransomware gang.
