US healthcare giant Ascension has been forced to push multiple clinical systems offline after it discovered a suspected cyber attack on its IT systems.
The hospital operator, which has one of the largest private healthcare systems in the United States, said it pushed the systems offline to investigate what it called an “unusual activity” in a statement released on Wednesday.
The move is hoped to contain the attack and protect sensitive patient data. The full extent of the attack and whether any information was compromised remains under investigation.
"We detected unusual activity on select technology network systems, which we now believe is due to a cyber security event," Ascension’s statement reads.
"We responded immediately, initiated our investigation and activated our remediation efforts. Access to some systems has been interrupted as this process continues."
The healthcare organisation also advised business partners to sever connections to its systems until told otherwise.
“Out of an abundance of caution, we are recommending that business partners temporarily suspend the connection to the Ascension environment. We will inform partners when it is appropriate to reconnect into our environment.”
Ascension has also called upon third-party security expert Mandiant to assist in the investigation and remediation process and notified the appropriate authorities.
Hospital disruptions continue
Since the investigation began, access to some crucial Ascension systems has been interrupted as the process of assessing the impact of the cyber attack continues.
"There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption," the statement continued. No further timetable was provided.
Ascension is one of the largest hospital systems in Illinois, with 150 care sites and 14 hospitals, including Ascension St. Francis in Evanston, Ascension Resurrection in Chicago, Ascension Saint Mary in Kankakee and Ascension Alexian Brothers in Elk Grove Village.
Read more: Biggest Cyber Attacks in History
According to a spokesperson by the healthcare giant, multiple Ascension locations in Illinois were experiencing "some IT service interruptions."
"Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible," the statement added.
Unanswered questions remain
The nature of the cyber attack and the attackers' motives are still unknown. Investigators are still working to determine the type of attack and whether any data was stolen, and Ascension has not yet commented on whether they received any ransom demands.
“Together, we are working to fully investigate what information, if any, may have been affected by the situation,” the statement by Ascension continues.
“Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines.”
The healthcare giant has promised to update the public as they learn more information. In the meantime, patients seeking care at Ascension facilities are advised to contact their local hospital for the latest information on potential delays.
The incident is just one of the latest cyber attacks targeting healthcare providers in the US. In February, Change Healthcare was also forced to push its own systems offline after a cyber attack exposed sensitive patient data.