St. Louis-based Ascension confirmed that it suffered a ransomware attack.
On May 8, Ascension reported that it detected unusual activity on its network, indicative of a cybersecurity incident. On May 11, the health system wrote on its website that this was a ransomware incident.
"We continue to diligently investigate and address the recent ransomware incident, working closely with industry leading cybersecurity experts to assist in our investigation and restoration and recovery efforts," Ascension's website reads.
Ascension said that it has notified law enforcement, the FBI, the Cybersecurity and Infrastructure Security Agency, the Department of Health and Human Services and the American Hospital Association about the incident.
"We are making progress and systems are being restored in a coordinated manner at each of our care sites," the website reads. "We will continue to share updates on our recovery process."
This comes after four sources briefed on Ascension's investigation into the incident told CNN May 10 that the health system was attacked by a type of ransomware called Black Basta.
Ascension has 134,000 employees, 35,000 affiliated providers and 140 hospitals across 19 states and Washington, D.C. The ransomware attack has caused Ascension's EHR, its MyChart patient portal and some phone systems to be unavailable, with employees and operations resorting to downtime procedures.