Ascension Seton, an Austin-based hospital system, disclosed a data breach that occurred earlier this year, affecting its legacy websites Seton.net and DellChildrens.net. The breach, which took place on March 1 and 2, potentially exposed personal information of certain users.
Ascension Seton has been collaborating with third-party vendor Vertex to investigate the scope of the breach, while also involving law enforcement and forensic investigators.
While specific details of the affected information are yet to be determined, Ascension Seton acknowledged that personal details including names, addresses, Social Security numbers, credit card numbers, and insurance information may be at risk for users who entered their data through Seton.net or DellChildrens.net.
However, Ascension Seton currently believes that no information was extracted, shared, or misused, and their hospital medical record systems remain unaffected.
To address the breach, Ascension Seton shut down the compromised websites and replaced them with new sites hosted internally. They have also taken proactive measures by notifying individuals affected by the breach, providing resources for identity theft and credit protection, and establishing a dedicated assistance line for affected individuals to seek support.
The incident underscores the growing prevalence of cybersecurity threats targeting healthcare institutions. Recent research has shown a doubling of ransomware attacks against American healthcare systems between 2016 and 2021, exposing the personal health information of millions of people.
The protection of sensitive health information has become a priority, as reflected in President Joe Biden’s National Cybersecurity Strategy, announced in March, which emphasizes safeguarding such data.