Ascension Notifies 5.6 Million of Massive Data Breach by Black Basta Ransomware Group

December 20, 2024
  • Ascension, a prominent U.S. healthcare system, is notifying over 5.6 million patients and employees about a significant data breach stemming from a ransomware attack by the Black Basta group in May 2023.

  • This cyberattack compromised a vast array of personal and sensitive health information, including medical records, payment details, and personal identifiers.

  • The hackers accessed extensive patient data, which included dates of service, lab tests, procedure codes, credit card and bank account numbers, as well as names, addresses, and dates of birth.

  • In addition to health information, the breach involved the theft of identity documents such as driving licenses and passports.

  • The attack caused significant disruptions in healthcare services, leading to delayed and lost lab results and medication errors.

  • As a direct consequence of the breach, Ascension had to pause some non-emergency procedures and reroute emergency medical services to ensure continued patient care.

  • The ransomware incident also disrupted Ascension's MyChart electronic health records system, forcing a shift back to paper-based tracking for patient procedures and medications.

  • To assist affected individuals, Ascension is offering 24 months of free IDX identity theft protection services, which include CyberScan monitoring and a $1,000,000 insurance reimbursement policy.

  • This breach has been classified as the third-largest healthcare-related data breach of 2024, according to the Department of Health and Human Services.

  • Black Basta, the group behind the attack, has been linked to numerous high-profile cyberattacks since its emergence in April 2022, targeting various organizations including defense contractors and government entities.

  • Research indicates that Black Basta has extorted over $100 million from more than 90 victims as of November 2023.

  • The cyberattack was detected on May 8, 2023, and Ascension promptly reported it to law enforcement and government agencies, including CISA and the FBI.

Summary based on 2 sources

