News
Sensitive Medical and Personal Information Stolen in December Hack — Details Surface Months Later
<p class="" data-start="540" data-end="757">Ascension has disclosed a staggering breach involving more than 430,000 patients, admitting that sensitive health and personal data were compromised after a December security lapse involving a former business partner.</p>
<p class="" data-start="759" data-end="944">The healthcare giant, which runs over 140 hospitals and senior care facilities across the U.S., began alerting patients in April — months after it first detected signs of the intrusion.</p>
<h2 class="" data-start="946" data-end="992">The Breach That Started Quietly in December</h2>
<p class="" data-start="994" data-end="1064">Back on December 5, 2024, Ascension first got wind of something fishy.</p>
<p class="" data-start="1066" data-end="1345">That’s when internal alerts flagged the possibility that patient data had been exposed. But it wasn’t until January 21, 2025, that the company pieced together the full picture: a former third-party partner had been compromised, and so had the data Ascension had shared with them.</p>
<p class="" data-start="1347" data-end="1596">Only in late April, through regulatory filings and public notices, did the scale come into focus. A filing with the U.S. Department of Health &; Human Services, which wasn’t made public until now, revealed the full count: 437,329 people affected.</p>
<p class="" data-start="1598" data-end="1633">And that’s just from this incident.</p>
<p data-start="1598" data-end="1633"><a href="https://www.theibulletin.com/wp-content/uploads/2025/05/ascension-health-data-breach-patient-information-ransomware-2025.jpg"><img class="aligncenter size-full wp-image-57442" src="https://www.theibulletin.com/wp-content/uploads/2025/05/ascension-health-data-breach-patient-information-ransomware-2025.jpg" alt="ascension health data breach patient information ransomware 2025" width="1301" height="661" /></a></p>
<h2 class="" data-start="1635" data-end="1674">What Was Stolen — And Who&#8217;s at Risk?</h2>
<p class="" data-start="1676" data-end="1782">The exposed information reads like a cybercriminal’s dream shopping list. It wasn’t just names and emails.</p>
<p class="" data-start="1784" data-end="1798">We’re talking:</p>
<ul data-start="1800" data-end="2044">
<li class="" data-start="1800" data-end="1814">
<p class="" data-start="1802" data-end="1814">Full names</p>
</li>
<li class="" data-start="1815" data-end="1851">
<p class="" data-start="1817" data-end="1851">Home addresses and phone numbers</p>
</li>
<li class="" data-start="1852" data-end="1871">
<p class="" data-start="1854" data-end="1871">Email addresses</p>
</li>
<li class="" data-start="1872" data-end="1886">
<p class="" data-start="1874" data-end="1886">Birthdates</p>
</li>
<li class="" data-start="1887" data-end="1914">
<p class="" data-start="1889" data-end="1914">Social Security numbers</p>
</li>
<li class="" data-start="1915" data-end="1941">
<p class="" data-start="1917" data-end="1941">Medical record numbers</p>
</li>
<li class="" data-start="1942" data-end="1960">
<p class="" data-start="1944" data-end="1960">Insurance info</p>
</li>
<li class="" data-start="1961" data-end="1990">
<p class="" data-start="1963" data-end="1990">Admission/discharge dates</p>
</li>
<li class="" data-start="1991" data-end="2022">
<p class="" data-start="1993" data-end="2022">Diagnoses and billing codes</p>
</li>
<li class="" data-start="2023" data-end="2044">
<p class="" data-start="2025" data-end="2044">Names of physicians</p>
</li>
</ul>
<p class="" data-start="2046" data-end="2097">In short, everything you wouldn&#8217;t want leaked… was.</p>
<p class="" data-start="2099" data-end="2327">The breach hit patients who visited Ascension facilities and had their data stored or processed by this unnamed partner. And depending on the person, the details ranged from standard contact info to full-blown medical histories.</p>
<h2 class="" data-start="2373" data-end="2406">A Pattern of Security Failures</h2>
<p class="" data-start="2408" data-end="2490">Unfortunately, this isn’t Ascension’s first rodeo with a major cybersecurity mess.</p>
<p class="" data-start="2492" data-end="2749">Just last year, in May 2024, the health system disclosed that a ransomware group — Black Basta — had stolen data from 5.6 million patients and employees. That time, the attack began when an employee clicked on a malicious file. The fallout was enormous.</p>
<p class="" data-start="2751" data-end="2859">Doctors had to resort to paper charts. Elective surgeries were canceled. Even ambulances had to be rerouted.</p>
<p class="" data-start="2861" data-end="3070">The financial and operational disruption lasted weeks. It raised eyebrows in D.C. and sent shockwaves through the healthcare industry, which has increasingly found itself a favorite target of ransomware gangs.</p>
<p class="" data-start="3072" data-end="3150">And now, less than a year later, another breach. Different cause. Same result.</p>
<h2 class="" data-start="3152" data-end="3179">Was This Linked to Clop?</h2>
<p class="" data-start="3181" data-end="3255">The timeline and method of attack point toward a familiar adversary: Clop.</p>
<p class="" data-start="3257" data-end="3422">The Russian-speaking ransomware crew made headlines last year for exploiting a zero-day flaw in Cleo, a secure file transfer software widely used by enterprises.</p>
<p class="" data-start="3424" data-end="3627">Ascension didn’t name the software or the attackers. But cybersecurity experts believe the method matches other Clop campaigns, which were known for infiltrating via third-party tools — not direct hacks.</p>
<p class="" data-start="3629" data-end="3710">It’s like breaking into a bank by sneaking through a vendor’s unlocked back door.</p>
<p class="" data-start="3712" data-end="3872">Clop’s modus operandi is to exfiltrate the data, publish proof, and demand money — without necessarily encrypting systems. That subtlety often delays detection.</p>
<p class="" data-start="3874" data-end="3912">And once that data is gone, it’s gone.</p>
<h2 class="" data-start="3914" data-end="3948">State-by-State Fallout Revealed</h2>
<p class="" data-start="3950" data-end="4162">As filings trickled in, the full scope became clearer. In Texas alone, 114,692 individuals were confirmed affected. In Massachusetts, it was 96. Not huge there — but every number is a name, a person, a story.</p>
<p class="" data-start="4164" data-end="4237">And more states are likely to report exposure as investigations continue.</p>
<p class="" data-start="4239" data-end="4300">Here’s a quick look at some reported numbers by jurisdiction:</p>
<div class="_tableContainer_16hzy_1">
<div class="_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse" tabindex="-1">
<table class="w-fit min-w-(--thread-content-width)" data-start="4302" data-end="4626">
<thead data-start="4302" data-end="4354">
<tr data-start="4302" data-end="4354">
<th data-start="4302" data-end="4320" data-col-size="sm">State</th>
<th data-start="4320" data-end="4354" data-col-size="sm">Confirmed Affected Individuals</th>
</tr>
</thead>
<tbody data-start="4406" data-end="4626">
<tr data-start="4406" data-end="4458">
<td data-start="4406" data-end="4424" data-col-size="sm">Texas</td>
<td data-start="4424" data-end="4458" data-col-size="sm">114,692</td>
</tr>
<tr data-start="4459" data-end="4511">
<td data-start="4459" data-end="4477" data-col-size="sm">Massachusetts</td>
<td data-col-size="sm" data-start="4477" data-end="4511">96</td>
</tr>
<tr data-start="4512" data-end="4569">
<td data-start="4512" data-end="4535" data-col-size="sm">Others (undisclosed)</td>
<td data-col-size="sm" data-start="4535" data-end="4569">Estimated 322,541</td>
</tr>
<tr data-start="4570" data-end="4626">
<td data-start="4570" data-end="4590" data-col-size="sm">Total</td>
<td data-col-size="sm" data-start="4590" data-end="4626">437,329</td>
</tr>
</tbody>
</table>
<div class="sticky end-(--thread-content-margin) h-0 self-end select-none">
<div class="absolute end-0 flex items-end"></div>
</div>
</div>
</div>
<p class="" data-start="4628" data-end="4732">The full list hasn&#8217;t been disclosed publicly, but regulators have been looped in across multiple states.</p>
<h2 class="" data-start="4734" data-end="4771">Free Monitoring, But Is It Enough?</h2>
<p class="" data-start="4773" data-end="4863">To its credit, Ascension is offering two years of free identity monitoring, including:</p>
<ul data-start="4865" data-end="4952">
<li class="" data-start="4865" data-end="4889">
<p class="" data-start="4867" data-end="4889">Credit report access</p>
</li>
<li class="" data-start="4890" data-end="4912">
<p class="" data-start="4892" data-end="4912">Fraud consultation</p>
</li>
<li class="" data-start="4913" data-end="4952">
<p class="" data-start="4915" data-end="4952">Identity theft restoration services</p>
</li>
</ul>
<p class="" data-start="4954" data-end="5004">It’s the usual playbook — and better than nothing.</p>
<p class="" data-start="5006" data-end="5194">But critics say it’s reactive, not proactive. Once your SSN is out, it’s out. Same for diagnosis codes and billing details. You can’t change your past medical history. It sticks like glue.</p>
<p class="" data-start="5196" data-end="5302">For elderly patients or those with chronic illnesses, this kind of exposure feels personal. And permanent.</p>
<h2 class="" data-start="5304" data-end="5354">The Bigger Picture for U.S. Healthcare Security</h2>
<p class="" data-start="5356" data-end="5429">Let’s not sugarcoat it. Healthcare IT systems in the U.S. are vulnerable.</p>
<p class="" data-start="5431" data-end="5592">Hospitals run on legacy tech. Vendors come and go. Third-party software is everywhere. And most orgs just aren’t prepared for the scale of today’s cyber threats.</p>
<p class="" data-start="5594" data-end="5778">Ascension employs over 142,000 people and had $28.3 billion in revenue last year. It’s not some mom-and-pop clinic. If they can be hit — twice — what does that say about everyone else?</p>
<p class="" data-start="5780" data-end="5951">The government has taken notice. There’s been increasing pressure from federal agencies like HHS and CISA to improve security standards. But the pace of adoption? Glacial.</p>
<p class="" data-start="5953" data-end="5989">For now, hackers seem to be winning.</p>

Circle Stock Surges After Fiserv Deal Signals Stablecoins May Finally Be Going Mainstream
CoinMarketCap Supply Chain Attack Leaves Crypto Users Reeling After $43,000 Wallet Drain
Solana Slips as Bitcoin Soars: Can the High-Speed Crypto Still Catch Up?
Gordon Ramsay Fainted at Son’s Birth While Ed Sheeran Played in the Background
As AI hype grabs headlines, these two tech titans are doing more than talking — they’re cashing in
The Last of Us Season 3: Clarity, Chaos, and Characters We Thought Were Gone
Einstein and the Block Universe: Is Your Future Already Set?
XRP Eyes $3 as Crypto Markets See Whiplash Recovery and Bitcoin Roars Past $111K
Claude 4 Cuts Coding Errors by 25%, Gets Faster, Says Vibe Startup Lovable
Whitney Purvis Mourns Loss of Son Weston Gosa Jr. at 16
-
News4 months agoTaiwanese Companies Targeted in Phishing Campaign Using Winos 4.0 Malware
-
News3 months agoJustin Baldoni Hits Back at Ryan Reynolds, Calling Him a “Co-Conspirator” in Blake Lively Legal Battle
-
News4 months agoApple Shuts Down ADP for UK iCloud Users Amid Government Backdoor Demands
