The cyberattack St. Louis-based Ascension suffered May 8 is being called a ransomware incident, CNN reported May 10.
Four sources briefed on Ascension's investigation into the incident told CNN the health system suffered a ransomware attack. Additionally, those sources said the type of ransomware is called Black Basta, which a May 10 report from the Health Information Sharing and Analysis Center is warning healthcare organizations about. There also is a ransomware group that shares the Black Basta name.
On May 8, Ascension reported that it detected unusual activity on its network, indicative of a cybersecurity incident. On May 9, the organization confirmed it as such.
The attack has caused Ascension's EHR, MyChart and some phone systems to be unavailable, with employees and operations resorting to downtime procedures.
"We are working around the clock with internal and external advisers to investigate, contain and restore our systems following a thorough validation and screening process," the health system said in a May 9 news release shared with Becker's. "Our investigation and restoration work will take time to complete, and we do not have a timeline for completion."
Ascension has 134,000 employees, 35,000 affiliated providers and 140 hospitals across 19 states and Washington, D.C.
Becker's reached out to Ascension and will update this article if more information becomes available.