Published: 02 May 2025
Summary
Ascension Health, a prominent Missouri-based Catholic health system, has revealed a series of third-party data breaches in 2025 that have affected patients across its extensive network of hospitals. These breaches have raised significant concerns about healthcare cybersecurity, especially as many incidents date back to 2024 or earlier.
Key breaches include events linked to a former business partner, law firm hacks, and incidents involving telehealth services and wound care management providers. Notably, none of the breaches directly impacted Ascension’s internal systems, but they nevertheless exposed sensitive patient information. Ascension is now working to enhance its data security measures to prevent similar incidents in the future.
Key Points
- Ascension Health disclosed multiple third-party data breaches affecting patients in 2025.
- Notices for the breaches, including those originating from a cyberattack on Change Healthcare, were posted on Ascension’s website.
- Significant breaches occurred due to vulnerabilities in third-party software used by former partners.
- Data involved included demographic details, Social Security numbers, clinical information, and financial data.
- Ascension is actively reassessing its security practices to enhance patient data protection in light of these incidents.
Why should I read this?
If you have an interest in healthcare security, this article spills the beans on significant data breaches affecting a large health system. With healthcare increasingly becoming a battleground for cyberattacks, understanding these incidents can help you grasp the risks involved. So, if you want the lowdown without sifting through all the details yourself, we’ve got you covered—definitely worth a read!