Summary: Ascension, a major private healthcare system in the U.S., has informed patients that their personal and health information was compromised in a data theft involving a former business partner. The security incident, linked to a vulnerability in third-party software, revealed sensitive patient data over a reported timeline. Ascension is offering two years of free identity monitoring services to those affected.
Affected: Ascension Healthcare
Keypoints :
- Data breach notified on December 5, 2024, involving a former business partner.
- Personal information such as names, addresses, Social Security numbers, and health records was potentially accessed.
- 96 Massachusetts residents were confirmed affected, with identity monitoring services offered to those impacted.
- The breach may be linked to a series of attacks exploiting vulnerabilities in secure file transfer software.
- This event follows a previous incident in May 2024, where Ascension notified 5.6 million patients about stolen data from a ransomware attack.