Over 437,000 patients’ personal and health information were compromised in a recent data breach involving Ascension Health’s third-party vendor, highlighting risks from supply chain vulnerabilities. The organization is offering affected individuals two years of free credit monitoring and identity theft protection.
Affected: Ascension Health, its patients, and the affected healthcare systems.
Affected: Ascension Health, its patients, and the affected healthcare systems.
Keypoints
- The breach impacted over 437,000 patients by exposing their personal and health data.
- The incident was caused by a vulnerability in a third-party software used by Ascension’s business partner.
- The breach likely involved the Cl0p ransomware group’s attack on Cleo’s file transfer platform in early December.
- The compromised information includes names, addresses, Social Security numbers, health, and insurance details.
- Ascension disclosed that the affected locations are in Alabama, Michigan, Indiana, Tennessee, and Texas.
- Patients are being offered 24 months of free credit monitoring and identity theft protection services.
- The breach is smaller in scale compared to a previous incident affecting 5.6 million people via BlackBasta ransomware.
Read More: https://www.securityweek.com/437000-impacted-by-ascension-health-data-breach/