Ascension Health Continues Recovery from Ransomware Attack
June 18, 2024
Incident reinforces need for cybersecurity and staff training
The ransomware attack on one of Illinois’ largest healthcare systems was allegedly caused by an Ascension Health employee accidentally downloading a malicious file last month. The attack forced Ascension’s computer systems to go offline for several weeks, including patient portals. Ascension operates 15 hospitals and 230 care sites in Illinois and all electronic health records have been restored with no evidence that data was stolen. However, the investigation continues as the healthcare system acknowledges data was stolen from seven of its nearly 25,000 servers across the country outside of Illinois.
This criminal attack is yet another unfortunate reminder that these types of incidents can happen anywhere at any time. ISMIE offers a comprehensive resource on cybersecurity that contains valuable information to help policyholders develop and implement policies and procedures to protect against attacks. Other related ISMIE resources available to policyholders include EMR downtime for guidance and risk considerations in the event your system goes down and emergency preparedness planning for what to consider before catastrophic events occur.
As of January 1, ISMIE added new enhancements to its already robust cyber liability coverage at no additional cost for Illinois policyholders. In addition to the included limits, policyholders can increase their cyber liability protection with higher limits if desired. ISMIE Mutual offers flexible pricing options for individual physicians and groups.
ISMIE encourages policyholders to review cybersecurity protections and emergency preparedness plans. If you experience a cybersecurity attack or suspect your organization’s cybersecurity has been breached, contact the Claims Division as soon as possible by email or by calling 800-782-4767, extension 3510.