Overview
- Ascension's cyberattack was initiated by an employee downloading a malicious file, believed to be part of a phishing attempt.
- The attack affected seven servers, potentially exposing protected health information and personally identifiable information.
- Ascension has not yet determined the full scope of the data compromised or the number of patients affected.
- The health system is offering free credit monitoring and identity theft protection to affected patients and employees.
- Operations at Ascension hospitals and clinics were significantly disrupted, with manual processes replacing electronic systems for weeks.