, ,

Ascension is the latest Wisconsin health system hit with a cyber attack

Ascension said it detected the breach Wednesday, but it's unclear if patient information was affected

Ascension Columbia St. Mary’s Hospital in Milwaukee
Ascension Columbia St. Mary’s Hospital in Milwaukee. Coburn Dukehart / Wisconsin Watch

A health system with numerous hospitals and clinics in Wisconsin is investigating a cyber attack that interrupted access to some technology systems. But it’s unclear whether hackers gained access to sensitive patient information.

The St. Louis-based Ascension said it detected “unusual activity” on some network systems Wednesday that it believes was caused by a “cyber security event.”

Ascension said it is working to uncover what information may have been affected by the breach. If sensitive information was exposed, Ascension said it will notify people affected.

Stay informed on the latest news

Sign up for WPR’s email newsletter.

This field is for validation purposes and should be left unchanged.

“Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible,” the health care provider said in a statement. “There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption.”

Ascension did not immediately respond to a request for comment.

Alex Holden is the chief information security officer at Hold Security, a Mequon-based cyber security firm. Based on Ascension’s public statements about the breach, he said it looks like the attack wasn’t a “full intrusion” into their network.

“They’re also encouraging their partners to break technology connections into Ascension for the time being,” he said. “There seems to be either exploitation that came from a certain party into them, or there is a threat that the breach is not fully contained — and it may affect their partners as well.”

Last year, a cyber attack caused a system-wide outage for Hospital Sisters Health System and Prevea. In early 2024, Group Health Cooperative of South Central Wisconsin, a nonprofit managed health care organization, also suffered a cyber attack that resulted in patients’ personal information being released.

According to the New York Times, hospital systems have increasingly been targets for hackers in recent years. The Times reports that health care is one of the economic sectors most susceptible to cyber attacks because medical records can be sold for a lot of money.

Last year, there were a record 725 data breaches of 500 or more records, up from 720 such breaches the previous year, according to health news outlet The HIPAA Journal.

Holden with the Mequon cyber security firm said medical information can be more valuable to hackers than financial information. That’s because it’s relatively easy to cancel a credit or debit card, but medical information doesn’t change over time.

“It’s always valuable and it’s always historically correct,” he said of medical information. “Protection of medical information is much more personal to people than financial information that’s relatively easily changeable.”

Beyond medical information, bad actors can hack systems to make information unavailable, said Patrick McDaniel, the Tsun-Ming Shih professor of Computer Sciences at the University of Wisconsin-Madison.

After essentially locking a computer system, hackers will then offer a ransom to unlock the system, McDaniel said.

“The organization has to decide whether or not they can live without the data, or they have to pay to get their data back,” he said.

Experts also said health systems’ safeguards against hackers can become outdated very quickly.

McDaniel said the health care ecosystem in the United States is very interconnected. Machines inside a hospital communicate information with each other, and hospitals share information with devices in pharmacies and other partner organizations.

“The complexity of these health care systems is such that they often become easy prey for hackers because there’s just so many different systems,” McDaniel said. “Hackers often attack not just the individual systems, but they find ways that the systems interact and that’s the way they get access.”

Holden said he expects such attacks will continue to increase in the coming years.

“This is all ramping up and gets worse every year because attacks (are) becoming more sophisticated,” he said. “The bad guys are getting smarter about this. They know more about medical systems than they knew months and years ago.”

That’s why it’s important for health systems to be “cyber security aware” and keep their technologies up to date, Holden said.

He said employee training is also important.

“They need to have a stake in the cyber security of the organization because the breaches right now have a human element,” Holden said. “If we are more educated about cybersecurity, we are more likely to be able to prevent these breaches by recognizing the signs earlier and to be able to prevent breaches from getting worse or occurring in the first place.”