top of page

Ascension Health System Faces Major Crisis Amidst Ransomware Attack and Prescription Service Disruptions

Ascension, the St. Louis-based Catholic health care giant, continues to grapple with a significant crisis despite its assurances that its hospitals, doctor's offices, and other facilities remain “open and operational.” The latest setback involves the inability to fill prescriptions, a critical service for many patients.

In an online update, Ascension advised patients to redirect their prescriptions to other pharmacies while efforts to restore systems continue. "Please ask your doctor to send your prescription to a different pharmacy while we work to get our systems back online," the statement read. For those unable to access medications from other pharmacies, Ascension’s retail pharmacies may provide a short-term supply using the existing prescription bottle.

The problems began last week when Ascension detected "unusual activity on select technology network systems." Initially described as a "cybersecurity event," the situation was later confirmed as a ransomware attack. The hospital system is in close contact with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) as it navigates this crisis.

CNN reported that the ransomware used is known as Black Basta, a group notorious for its “double extortion attack,” as highlighted in a 2023 alert from the U.S. Department of Health and Human Services. The FBI and other federal agencies have released a joint statement providing information on Black Basta, which has targeted multiple critical infrastructure sectors, including healthcare.

Ascension has not made staff available for comment, opting instead to provide updates through dedicated webpages for national and Michigan-specific cyberattack information. The attack has disrupted access to electronic health records, phone systems, and scheduling and testing processes, causing some Michigan patients to be rerouted to non-Ascension hospitals.

On Monday, Ascension announced that its pharmacies could no longer process credit card transactions and had to rely on manual and paper-based systems. The health system has warned of longer wait times and delays, advising patients to bring notes on symptoms and a list of current medications, including prescription numbers or bottles.

While Ascension urges patients to keep their appointments, some non-emergency procedures, tests, and appointments have been suspended. "If appointments need to be rescheduled, an Ascension associate will contact patients directly," the website states.

Adding to the challenges, Ascension faces a potential labor strike at Ascension Genesys in Flint, with Teamsters Local 332 planning to strike on May 24. Ascension expressed bewilderment over the timing of the strike amidst the ongoing cyber crisis, stating, "The union’s sudden decision to strike, for an indefinite period, in the midst of an ongoing cyber event is truly difficult to understand."

Kory Daniels, CISO at Trustwave, commented on the broader implications of the attack. "The Ascension cyberattack serves as the latest example of a very alarming increase in threat actors targeting healthcare entities with no regard for the risks to human life," he said. "Emergency vehicles were forced to be rerouted, systems of records were pulled offline, and we observed a financially motivated threat actor who was able to impact individuals seeking immediate medical attention all the way through to those unable to receive fulfillment of prescriptions."

Daniels emphasized the need for robust cyber defense readiness. "Cyber defense readiness must become part of the organizational culture if we are to strengthen the industry's collective ability to govern, identify, protect, detect, respond, and recover from known vulnerabilities, and threats, of today and the future," he said. "Healthcare suppliers need to embrace secure by design principles and find technology and security services partners who can help sustain resilience and trust, ultimately maximizing their ability to prevent negative impact to patients and patient care." As Ascension works to recover from this crisis, the incident underscores the urgent need for enhanced cybersecurity measures in the healthcare sector to protect against increasingly sophisticated cyber threats.


bottom of page