Following a cybersecurity breach reported on May 8, health system Ascension faces several patient class action lawsuits. According to John Diaz of the local ABC-KVUE news station, a former patient of a Texas-based Ascension location claims her information was compromised.
Another lawsuit was filed in Chicago, Healthcare Dive’s Susanna Vogel reports on May 16. The lawsuit states that “On information and belief, on or around May 9, 2024, Ascension’s network systems were unauthorizedly accessed in a ransomware attack, resulting in the unauthorized disclosure of the personal information of plaintiffs.”
In a statement following the breach, Ascension said it was still investigating whether sensitive data had been exposed and that it would notify affected parties.
Russian-speaking ransomware group Black Basta has been identified as the perpetrator of the breach. The attack led to a diversion of emergency medical services and an interruption in services concerning Ascension’s electronic health records system (EHR).
In a statement on May 15, an Ascension spokesperson thanked the community and patients for their patience. “We are focused on getting systems back up and running as safely and as quickly as possible. We are also working on reconnecting with our vendors with the help of our recovery experts.”
