![[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqbZf4bsDp6ei3fmQ8swm7GB5XoRrhZSFE7ZNhRLFO49KlmdgpIDCZWMSv7rydpEShIrNb9crnH5p6mFZbURzO5HC9I4RlzJazBBw5aHOTmI38sqiZIWPldRqut4bTgegipjOk5VgktVOwCKF_ncLeBX-pMTO_GMVMfbzZbf8eAj21V04y_NiOaSApGkM/s1600/webinar-play.jpg?#)
![[The AI Show Episode 145]: OpenAI Releases o3 and o4-mini, AI Is Causing “Quiet Layoffs,” Executive Order on Youth AI Education & GPT-4o’s Controversial Update](https://www.marketingaiinstitute.com/hubfs/ep%20145%20cover.png)
![Google Home app fixes bug that repeatedly asked to ‘Set up Nest Cam features’ for Nest Hub Max [U]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/youtube-premium-music-nest-hub-max.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![New Hands-On iPhone 17 Dummy Video Shows Off Ultra-Thin Air Model, Updated Pro Designs [Video]](https://www.iclarified.com/images/news/97171/97171/97171-640.jpg)
![Epic Games Wins Major Victory as Apple is Ordered to Comply With App Store Anti-Steering Injunction [Updated]](https://images.macrumors.com/t/Z4nU2dRocDnr4NPvf-sGNedmPGA=/2250x/article-new/2022/01/iOS-App-Store-General-Feature-JoeBlue.jpg)
Ascension Healthcare Hacked via Third-party Business Partner: Patient Data Exposed
Ascension Healthcare, one of the largest private healthcare systems in the United States, has disclosed a significant data breach after sensitive patient information was compromised through a third-party business partner. The incident, which affects care sites in Alabama, Michigan, Indiana, Tennessee, and Texas, has put thousands of patients on alert and reignited concerns over healthcare […] The post Ascension Healthcare Hacked via Third-party Business Partner: Patient Data Exposed appeared first on Cyber Security News.
Ascension Healthcare, one of the largest private healthcare systems in the United States, has disclosed a significant data breach after sensitive patient information was compromised through a third-party business partner.
The incident, which affects care sites in Alabama, Michigan, Indiana, Tennessee, and Texas, has put thousands of patients on alert and reignited concerns over healthcare data security.
The breach was first detected on December 5, 2024, when Ascension learned that patient data may have been involved in a security incident.
An immediate investigation was launched, and by January 21, 2025, it was determined that Ascension had inadvertently disclosed information to a former business partner.
Some of this data was likely stolen from the partner due to a vulnerability in third-party software used by the partner-not within Ascension’s own systems or electronic health records.
Scope of Exposed Data
The compromised information is extensive and varies by individual. It includes:
- Names, addresses, phone numbers, and email addresses
- Dates of birth, race, gender, and Social Security numbers
- Clinical information related to inpatient visits, such as physician names, admission and discharge dates, diagnosis and billing codes, medical record numbers, and insurance company names
While the exact number of affected patients has not been disclosed, at least 96 residents of Massachusetts had their medical records and Social Security numbers exposed.
Ascension has moved quickly to address the fallout. The healthcare system is offering two years of complimentary identity monitoring and credit protection services through Kroll to those impacted.
Services include credit monitoring, fraud consultation, and identity theft restoration. Affected individuals are encouraged to remain vigilant, monitor their credit reports, and review account statements for suspicious activity.
Ascension emphasized that its own networks and electronic health records were not breached. The organization has reviewed its data handling processes and is implementing enhanced safeguards to prevent similar incidents in the future.
Officials have also provided resources and guidance to help patients protect themselves against identity theft and fraud.
This breach follows a series of high-profile cyberattacks on healthcare providers, highlighting the persistent risks posed by third-party vendors and software vulnerabilities. As the healthcare sector continues to digitize, robust third-party risk management remains a critical challenge.
Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
The post Ascension Healthcare Hacked via Third-party Business Partner: Patient Data Exposed appeared first on Cyber Security News.
