Ascension’s hospitals, doctor’s offices and other care locations in Florida are open and operational as the health system continues to work on restoring its computer network following a ransomware attack.
The St. Louis-based chain, which operates 140 hospitals in 19 states, on Monday said its electronic records system and MyChart online patient portal remained offline after last week’s cyber breech. Additionally, systems used to order certain tests, procedures and medications remain unavailable.
However, Pensacola-based Ascension Sacred Heart hospitals in the western Panhandle and Jacksonville-based St. Vincent’s hospitals in North Florida are accepting patients, as are urgent and walk-in care locations, a spokesman confirmed.
This includes emergency rooms and scheduled elective procedures, imaging, tests and treatments. Patients will be contacted if appointments need to be rescheduled.
However, as with other Ascension locations around the country, providers have transferred to paper-based records while the network remain unavailable.
“Due to the transition to manual systems for patient documentation, patients may encounter longer-than-usual wait times and some delays, Gary Nevolis, a spokesman for Ascension Florida, said in a statement released Monday evening.
“To help with delays, patients should bring notes on symptoms and a list of current medications, including prescription numbers or bottles.”
Ascension retail pharmacies are not able to fill prescriptions, so patients should work with their providers to have them filled at another pharmacy, he added.
“Our leadership, physicians, care teams and associates are working to ensure patient care continues with minimal to no interruption,” Nevolis said.
Ascension, one of the nation’s leading nonprofit and Catholic health systems, said it detected “unusual activity” Wednesday on its computer systems. By the weekend, it confirmed the issue was a ransomware attack.
“We are making progress, however, it will take time to return to normal operations,” a national Ascension spokesperson said.
After the hack was discovered, Ascension notified law enforcement as well as government partners, including the FBI, Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services and American Hospital Association.
“We remain in close contact with the FBI and CISA, and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center (H-ISAC) so that our industry partners and peers can take steps to protect themselves from similar incidents,” the spokesperson said.
After the “unusual activity” was discovered, Ascension shut down its network throughout the chain to prevent the automated spread of ransomware. Ambulances were diverted from several hospitals and scheduled appointments, procedures and tests were postponed, according to reports in regions with Ascension facilities.
Cybersecurity experts say ransomware attacks have increased substantially in recent years, especially in the health care sector. Increasingly, ransomware gangs steal data before activating data-scrambling malware that paralyzes networks. The threat of making stolen data public is used to extort payments. That data can also be sold online.
Earlier this year, a cyberattack against Change Healthcare delayed insurance reimbursements and heaped stress on doctor’s offices around the country. Change Healthcare, which is owned by Minnesota-based UnitedHealth Group, provides technology used by doctor offices and other care providers to submit and process billions of insurance claims a year.
It remained unclear whether the same group was responsible for both attacks.
On Friday, CNN cited sources in reporting the Russian-linked Black Basta group was possibly behind the breach. The same day, H-ISAC last week sent a bulletin warning that Black Basta recently accelerated attacks against the health care industry.
The malware used by the hackers has been used against more than 500 businesses and critical infrastructure targets in North America, Europe and Australia, according to a Friday advisory from the FBI and CISA.
Information from the Associated Press was used in this report.
