Ascension Health reported a data breach involving over 100,000 individuals after hackers exploited a third-party software flaw. The nonprofit healthcare provider said the compromised data was exposed through a former business partner. This breach is likely related to the Cl0p ransomware group’s exploitation of zero-day vulnerabilities in Cleo’s file transfer platform. Several organizations, including Hertz and Western Alliance Bank, were also impacted by the same Cl0p campaign.
Ascension learned of the breach on December 5, 2024, though the full extent became clear only after further investigation.
The attackers stole names, contact details, birthdates, Social Security numbers, and sensitive medical information. The stolen health information also includes diagnosis codes, insurance data, and inpatient visit details. The former business partner’s identity has not been publicly disclosed by Ascension.
The stolen data appears to affect patients in Alabama, Michigan, Indiana, Tennessee, and Texas. Notifications to Massachusetts and Texas officials confirm that over 114,700 individuals were impacted. Ascension is offering two years of free credit monitoring and identity protection to the victims.
The organization has urged affected individuals to remain alert for signs of fraud.
This is not Ascension’s first major cybersecurity incident in recent years. In May 2024, the organization experienced a BlackBasta ransomware attack. That breach compromised data belonging to roughly 5.6 million patients and employees. Ascension attributed that earlier attack to an employee mistakenly downloading a malicious file.
Reference:
