One of the biggest private healthcare systems in the US, Ascension, has notified patients that personally identifiable information (PII) including health data, was stolen in a previously unannounced attack affecting a former business partner in December 2024.
The incident follows a previous ransomware attack in May 2024, in which the sensitive data of six million patients, forcing the company to take systems offline, divert ambulances, and pause elective care in some places. “On December 5, 2024, we learned that Ascension patient information may have been involved in a potential security incident. We immediately initiated an investigation to determine whether and how a security incident occurred,” Ascension confirmed in its breach notification.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- SonicWall blames state hackers for damaging data breach
November 6, 2025
SonicWall has blamed “state-sponsored threat actors” for the cloud backup security breach which hit its services in September 2025. In an update posted on the company’s website, SonicWall said it completed the investigation into the incident, and confirmed that the malicious activity was “carried out by a state-sponsored threat actor” and was “isolated to the unauthorized ...
- Malware-pwned laptop gifts cybercriminals Nikkei’s Slack
November 6, 2025
Japanese media behemoth Nikkei has admitted to a data breach after miscreants slipped into its internal Slack workspace, exposing the personal details of more than 17,000 employees and business partners.… The company blamed the intrusion on malware that infected an employee’s device, letting attackers pinch Slack credentials and waltz into its chat system. Once the suspicious ...
- Washington Post says it is among victims of cyber breach tied to Oracle software
November 6, 2025
The Washington Post said it is among victims of a sweeping cyber breach tied to Oracle software. In a statement released on Thursday, the newspaper said it was one of those impacted “by the breach of the Oracle E-Business Suite platform.” The paper did not provide further detail, but its statement comes after CL0P, the notorious ...
- UK: Hundreds of residents’ details shared in data breach
November 4, 2025
A council chief has apologised after hundreds of residents’ sensitive data was mistakenly shared online. Some names, addresses, phone numbers and email addresses of 625 people who responded to South Gloucestershire Council’s consultation on 24 October were published online for three days. Once the error was spotted, council officers took “very prompt action” to remove the ...
- University of Pennsylvania says it has called FBI over data breach
November 3, 2025
The University of Pennsylvania says it has called in the Federal Bureau of Investigation after offensive emails were distributed to alumni. In a statement, the university said that a data breach had affected “select information systems.” An email sent to University of Pennsylvania alumni on Friday and reviewed by Reuters showed that someone masquerading as the ...
- UK: Woman charged after around 100 patient records accessed in data breach
October 31, 2025
A woman has been charged after around 100 patients had their medical records accessed in a data breach at NHS Lothian. The health board has written letters to patients affected by the breach, which they say was caused by one individual at Edinburgh Royal Infirmary. A letter dated last month, seen by STV News, says the ...