Ascension: Health data of 5.6 million stolen in ransomware attack

Ascension, a major U.S. healthcare provider with $28.3B in annual revenue, recently disclosed a significant cybersecurity incident from May 2023 affecting 5.6M patients and employees. The breach, linked to the Black Basta ransomware group, exposed sensitive personal and medical data after an employee inadvertently downloaded malicious software. In response, Ascension has notified affected individuals, offering two years of free identity protection services, and is working with law enforcement agencies including the FBI and CISA to address the incident. This breach highlights the ongoing cybersecurity challenges facing healthcare organizations, as Black Basta has reportedly collected over $100M from ransomware attacks since 2022.