A cybersecurity incident has left 140-hospital Ascension with its EHR disabled, some appointments and surgeries postponed, and the expectation that the 19-state health system will operate on downtime procedures "for some time."
On May 8, St. Louis-based Ascension reported that it detected unusual activity on its network, indicative of a cybersecurity incident. On May 9, the organization confirmed it as such.
"We are working around the clock with internal and external advisors to investigate, contain, and restore our systems following a thorough validation and screening process," the health system said in its May 9 news release shared with Becker's. "Our investigation and restoration work will take time to complete, and we do not have a timeline for completion."
Ascension said its EHR, MyChart, and some phone systems are unavailable, with employees and operations resorting to downtime procedures. Certain non-emergency elective procedures, tests and appointments have been postponed. Patients are advised to bring notes detailing their symptoms and a list of their medications, including prescription numbers or containers, so their care team can call in prescriptions to pharmacies.
"It is expected that we will be utilizing downtime procedures for some time," the system noted. The downtime procedures have also pushed several Ascension hospitals to diversion status for ambulances and emergency medical services.
Ascension says it has engaged cybersecurity firm Mandiant to assist in the investigation and remediation process. Google acquired Mandiant in 2022. The company uncovered the 2020 SolarWinds cyberattack against the U.S. federal government and helped investigate the 2021 Colonial Pipeline ransomware attack.
Ascension includes 134,000 employees, 35,000 affiliated providers and 140 hospitals across 19 states and the District of Columbia. In 2023, the Catholic, nonprofit system recorded a net loss of $2.66 billion on revenues of $28.35 billion.