【Eng Sub】

Healthcare provider Ascension has revealed the sensitive data of 5.6 million patients was compromised in a massive cyberattack earlier this year.

The Eng Subransomware attack occurred in May and threw the company into turmoil, with patient portals and files inaccessible, elective services postponed, and some ambulances diverted, according to a filing with the Maine Attorney General that was reported by TechRadar. Ascension did not name the hackers, but CNN previously published reports indicating it stemmed from a Russian-speaking cybercrime affiliate known as Black Basta. It's not clear if Ascension paid a ransom to get their systems back online.

The hackers accessed nearly 5.6 million Ascension patients' personal information like medical record numbers and lab tests as well as credit card information and bank accounts. Insurance information, like Medicare/Medicaid numbers, was also leaked along with personal info like addresses, Social Security numbers and passport details.

Ascension is in the process of informing those affected by the attack, with letters rolling out to victims over the next few weeks.

• Ransomware gang claims it stole data from Subway. Yes, the sandwich chain.
• These Apple bugs were used by hackers in the wild. Now there's a fix.
• How to update your Apple product to avoid a potential cyberattack
• How a flying hospital is helping fight preventable blindness

Ascension was not the only healthcare company hit by a ransomware attack in 2024 — UnitedHealth paid hackers $22 million after it was attacked early in the year, with over 100 million people affected.

(Editor: {typename type="name"/})