Ascension's hospitals in Michigan and across the country have reverted to paper systems. Their computer systems have been put down due to a cyberattack:
Cyberattack hits Ascension hospitals' computer networks: 'It's affecting everything'
By Kristen Jordan Shamus - May 9, 2024Ascension hospitals in Michigan and across the U.S. were hit Wednesday by a cyberattack that disrupted its computer network which continued to affect its clinical operations Thursday morning, leading the nonprofit, St. Louis-based health system to urge its business partners to sever online connections to its system.
"We detected unusual activity on select technology network systems, which we now believe is due to a cyber security event," Ascension said in a statement posted on its website. "At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts. Access to some systems have been interrupted as this process continues.
"Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible. There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption."
With computers offline, 'It's like the 1980s or 1990s'
Employees noticed the computer network problems about 7 a.m. Wednesday, said three workers who spoke on the condition of anonymity out of fear of job repercussions.
"There was a security concern, so they shut down the system," one physician told the Free Press. "It's affecting everything."
Another Ascension Michigan doctor said: "We have no access to medical records, no access to labs, no access to radiology or X-rays, no ability to place orders.
"We have to write everything on paper. It's like the 1980s or 1990s. You go to the X-ray room to look at the X-rays on film, you call the lab they tell you what the results are over the phone. So it's just much more cumbersome, but we do have training for these moments."
A nurse told the Free Press on Wednesday evening that Ascension hospitals were still accepting patients by ambulance who were medically unstable and in need of lifesaving treatment. But those who were more stable and could be taken to other nearby hospitals for care were diverted because of the computer network outage.
"I just hope it doesn't last very long because certainly patient care will be negatively impacted," a physician said. "The data that shows that during computer network downtime, your risk of an adverse event goes up."
Ascension said it is working with Mandiant, a cybersecurity consulting company, to investigate and help determine what information, if any, was compromised in the cyberattack.
"Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines," Ascension said in a statement.
Attack comes as Ascension aims to spin off Michigan hospitals
A Catholic health system, Ascension has 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia. It reported in May that it had 134,000 employees.
In Michigan, the health system operates 15 acute-care hospitals, but is in the midst of trying to close deals that would split off eight of its southeastern Michigan hospitals and combine them with Detroit-based Henry Ford Health. Additionally, three of its hospitals in mid-Michigan and northeastern Michigan, along with a stand-alone emergency center and nursing home, are to be acquired by Midland-based MyMichigan Health.
Ascension St. John Hospital in Detroit, left, and MyMichigan Medical Center Sault in Sault Ste. Marie.
If those deals are completed, only the following Ascension Michigan hospitals will remain as part of the health system's national holdings:Ascension Allegan Hospital in Allegan
Ascension Borgess Hospital in Kalamazoo
Ascension Borgess-Lee Hospital in Dowagiac
Ascension Borgess-Pipp Hospital in PlainwellBreaches threaten protected health information, more
Cyberattacks are becoming increasingly common in health care, often affecting protected health information along with other data, such as account numbers, Social Security numbers, phone numbers and addresses.
In April, Cherry Street Services Inc., also known as Cherry Health, alerted 180,747 Michigan residents that their personal information had been compromised in a ransomware attack that occurred on Dec. 21.
"Third-party forensic experts were retained to assist in an investigation of the nature and scope of the breach," said Danny Wimmer, press secretary for state Attorney General Dana Nessel. "While unable to pinpoint (the) root cause of the breach, through the investigation Cherry was able to discern the types of data compromised: full name, address, date of birth, phone number, health insurance information, patient ID number, provider name, service date, diagnosis/treatment information, prescription information, financial account information and/or Social Security Numbers, and the identity of the persons impacted."
That's not all.
More than 1 million Michiganders were affected by a cybersecurity breach at Welltok Inc., a software company contracted to provide communication services for Corewell Health's southeastern Michigan properties along with a healthy lifestyle portal for Priority Health, an insurance plan owned by Corewell. Though the breach occurred in May 2023, it wasn't until November 2023 that people were notified.
A ransomware attack took down the computer network at McLaren Health Care's 14 Michigan hospitals in late August and early September 2023, affecting about 2.5 million patients. The health system acknowledged that it also could have leaked some patient data onto the dark web. A ransomware gang known as BlackCat/AlphV claimed responsibility for the cyberattack, posting online that it stole 6 terabytes of McLaren's data.
And in late August 2023, the University of Michigan shut down its campus computer network after a hacker got access to the personal information of students and applicants, alumni and donors, employees and contractors, as well as the personal health information of research study participants, and patients of the University Health Service and the School of Dentistry.
This has become all too common. You have to wonder what kind of clown show health care data IT has become. The United States was supposed to be the leader in IT technology, but is clearly deficient. DEI at work?
That's quite a list of Michigan hospitals hit in the past year. Maybe journalists should report the shorter list of who has NOT been hit, and find out why??
Another Ascension Michigan doctor said: "We have no access to medical records, no access to labs, no access to radiology or X-rays, no ability to place orders.
Data breaches are bad, of course.
But as for operability, WE TOLD THEM THIS FIFTEEN YEARS AGO. Sorry to yell, but can they hear us now?
It has always been people who make healthcare work - not computers. And mandated EHRs that served patients and clinicians well have always been the exception rather than the rule.
No computers means people talk to each other more. This is actually a good thing for all of us. We should do more of it.
Patient perspective from Fox2 Detroit.
News video available at the hyperlink.
Ascension hospital cyber attack disrupts patient's visit for potential cancer diagnosis
SOUTHFIELD, Mich. (FOX 2) - A patient at Ascension Providence checked himself into the Southfield hospital this week amid fears that his cancer had returned. Instead, he found himself witnessing the fallout from a cyber attack that targeted more than a hundred hospitals around the U.S.
The chaos was on display Wednesday while Zackery Lopez waited hours for pain medication - a request that went unanswered for seven hours before a nurse finally brought him some relief.
During that time, Lopez said he saw patients checking themselves out of Ascension Providence, located on Nine Mile.
"Right now it is crazy. Nurses are running around. Doctors are running around. There’s no computers whatsoever they can use," he said. "So, they’re actually using charts."
Using the physical copy of someone's medical data wouldn't be an issue for Lopez if he wasn't concerned that his personal information was at risk. But he told FOX 2 he hasn't gotten a satisfying answer.
"They really didn’t tell me if it was protected or not," he said. "They really kind of just brushed it off when I asked them. They say they’re trying to get everything back on, back on track."
Lopez first checked himself into Ascension on Tuesday around 2 p.m. due to internal bleeding. He got admitted by a doctor, but was told he would have to wait for a room. As of Wednesday night, he still hadn't gotten into a room.
According to the hospital group, 140 Ascension locations are affected by the cyber attack, as well as 40 senior living facilities.
In a statement to FOX 2, the hospital said it first noticed "unusual activity" on its network on Wednesday.
"Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible. We have notified the appropriate authorities and are working to fully investigate what information, if any, may have been affected by the situation."
Bridge Michigan adds to the story.
Audio and images omitted here for space, remain available in the hyperlink.
Cyberattack forces Ascension hospitals in Michigan to reroute patients
May 10, 2024 | Robin Erb
Hackers on Wednesday broke into the patient health records and other systems at the Ascension hospital chain.
That put at risk medical information at the health-care giant’s 15 Michigan hospitals and caused at least one to send arriving patients elsewhere.
Patients should write down medications and symptoms, an Ascension spokesperson told Bridge Friday.
One of the nation's largest hospital chains remained under a cyber threat as the workweek closed — an attack that cut off access to the system’s electronic health records system, disrupted phones as well as scheduling and testing processes, and forced the rerouting of at least some Michigan patients. The attack also suspended some non-emergency elective procedures, tests and appointments.
What the weekend will hold is unclear.
Investigators are “working around the clock” to contain the breach and “restore our systems,” according to a statement by Ascension Thursday evening. “Our investigation and restoration work will take time to complete, and we do not have a timeline for completion.”
Ascension Michigan spokesperson Airielle Taylor said Friday the health system was “still detecting unusual activity.”
Related:
Henry Ford, Ascension Michigan to partner in latest health care shift
Experts: Henry Ford, Ascension Michigan venture likely to impact care, costs
University of Michigan restores internet access, still mum on security issueOn Thursday, patients arriving at Ascension Macomb-Oakland Hospital were rerouted under a diversion protocol, Taylor said.
But such problems “fluctuated,” she said. Other locations were not under a diversion protocol, but it was not clear if that would change, she said.
She said patients are advised to “have your medications written down and have your symptoms written down.”
The problems began Wednesday when the St. Louis-based hospital system “detected unusual activity on select technology network systems,” determining it to be a “cybersecurity event,” according to a statement released early Thursday.
That included patient records on MyChart, which allows patients to see their records, schedule appointments and talk with providers.
Ascension advised that its business partners “temporarily suspend the connection to the Ascension environment” until further notice.
The chain on Thursday sought to reassure the public that Ascension staff “are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible.”
To divert patients from some locations throughout the 140-hospital system to other hospitals. Ascension has hospitals in 19 states, including 15 in Michigan. It also operates 40 senior living facilities.
The Ascension breach is the latest from a “constant threat and attack” by cyberattackers, said one cybersecurity expert that works with Michigan hospitals.
“Because it’s an ecosystem in which information is shared, it’s a system that can be vulnerable” to attack, said Eric Eder, president of CyberForce|Q, which operates the Michigan Healthcare Security Operations Center and works with the Michigan Health & Hospital Association, an effort in which hospitals and health-care systems share information as quickly as possible during a breach.
Eder declined to comment on the attack on Ascension. But speaking in generalities, he said attacks on health care are usually sophisticated and well-coordinated among many individuals, using bots and other automated means to search out a system’s vulnerabilities.
“There’s this image of the hacker over a laptop in a hoodie,” he said.
Rather, “it’s a more coordinated effort with a mix of automated systems and human actors.”
Ascension is working with Mandiant, a third-party cybersecurity firm and subsidiary of Google, to assist in the investigation, according to its statement early Thursday.
Hospital officials said they were trying to determine “what, if any” information had been breached.
“Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines,” according to Ascension’s statement.
It's the latest in bad news for the health-care giant, which in recent months has shed properties after reporting a $3 billion loss in 2023.
In October, Detroit-based Henry Ford Health and Ascension Michigan announced their “joint venture” in which eight Ascension properties in southeast and mid-Michigan will take on the Henry Ford Health identity. And in March, Ascension agreed to shed three more hospitals, selling locations in Saginaw, Tawas and Standish to Midland-based MyMichigan Health.