Ascension healthcare data breach exposes 430,000 patient records

Posted by Kurt Knutsson, CyberGuy Report | 5 hours ago | Fox News | Views: 8


The state of cybersecurity in the healthcare industry worries me a lot. Healthcare organizations, whether nonprofit or for-profit, collect an enormous amount of data. And it’s not just phone numbers, addresses or emails but also sensitive information like medical records, insurance details and more. This data is extremely valuable, which makes it a prime target for hackers.

What’s worse is that many healthcare institutions often neglect cybersecurity and treat it as an afterthought. In 2024 alone, an industry tracker recorded 1,160 healthcare breaches that exposed 305 million patient records. This marked a 26% increase compared to the previous year.

Against this backdrop, Ascension, a Missouri-based Catholic health system with 142 hospitals and 142,000 employees, recently disclosed that a December 2024 breach exposed the personal and medical information of more than 430,000 patients.

Join the FREE “CyberGuy Report”: Get my expert tech tips, critical security alerts and exclusive deals, plus instant access to my free “Ultimate Scam Survival Guide” when you sign up!

Ascension healthcare data breach exposes 430,000 patient records

A hacker at work (Kurt “CyberGuy” Knutsson)

What you need to know

According to Ascension’s breach notification letters, the compromise began on Dec. 5, 2024, when the network learned patient data “may have been involved in a potential security incident.” By Jan. 21, 2025, its investigators had determined that Ascension had “inadvertently disclosed information to a former business partner,” and that attackers likely stole data from that partner via a flaw in its software. In other words, patient records passed from Ascension into a third party’s system and were then siphoned off by cybercriminals.

The attackers gained a broad array of information. Impacted patients’ demographic and financial details, names, mailing addresses, phone numbers, email addresses, dates of birth, race, gender and Social Security numbers were exposed. Even more worryingly, the breach included clinical data from hospital stays, including physician names, admission and discharge dates, diagnosis and procedure codes, medical record numbers and insurance details. This is the very data that criminals can exploit for fraud or identity theft.

Ascension healthcare data breach exposes 430,000 patient records

A healthcare worker typing on a laptop (Kurt “CyberGuy” Knutsson)

THINK YOU CAN DELETE YOUR OWN DATA? WHY IT’S HARDER THAN YOU THINK

Timeline and involvement

Ascension reported the breach to regulators via an HHS filing on April 28, 2025, which shows 437,329 patients affected. By comparison, the company had earlier disclosed the impact in state filings. For example, 114,692 Texas patients and 96 Massachusetts residents were individually notified of exposure. In response, Ascension is offering those affected two years of free identity monitoring services (credit monitoring, fraud consultation and identity theft restoration).

For scale, Ascension is a major nonprofit health system, one of the largest in the U.S., operating 142 hospitals across North America. The company has not named the third-party partner, but its description fits a vendor whose secure file-transfer software was breached. 

The timing aligns with a series of recent Cl0p ransomware attacks. Cl0p has publicly claimed responsibility for exploiting a zero-day flaw in Cleo’s secure file-transfer products, stealing data from dozens of organizations worldwide. While Ascension itself was not directly hit by ransomware, its data might have ended up in that same attack campaign.

Ascension’s patients and employees are no strangers to data breaches. In May 2024, a Black Basta ransomware attack compromised Ascension’s own network. That incident, traced back to a single employee opening a malicious file, resulted in the exfiltration of data belonging to nearly 5.6 million people.

The fallout was severe. Hospitals lost access to digital records, forcing clinicians to record vitals, medications and orders on paper. Elective procedures and some appointments were paused, and emergency services were redirected to unaffected facilities to avoid delays in care.

We reached out to Ascension for a comment on our article but did not hear back before our deadline.

Ascension healthcare data breach exposes 430,000 patient records

A man typing on a laptop (Kurt “CyberGuy” Knutsson)

HOW TO GET RID OF ROBOCALLS WITH APPS AND DATA REMOVAL SERVICES

Ways to protect yourself after the Ascension data breach

If you think you were affected or just want to be cautious, here are some steps you can take right now to stay safe from the Ascension data breach.

1) Watch out for phishing scams and use strong antivirus software: With access to your email, phone number or identification documents, Ascension attackers can craft convincing phishing emails pretending to be from healthcare providers or banks. These emails might include malicious links designed to install malware or steal login information. To defend yourself, use a strong antivirus program. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2) Scrub your data from the internet using a personal data removal service: The more exposed your personal information is online, the easier it is for scammers to use it against you. Following the Ascension breach, consider removing your information from public databases and people-search sites.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.

3) Safeguard against identity theft and use identity theft protection: Hackers now have access to high-value information from the Ascension breach, including Social Security numbers and bank information. This makes you a prime target for identity theft. You might want to consider investing in identity theft protection, which can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. Signing up for identity theft protection gives you 24/7 monitoring, alerts for unusual activity and support if your identity is stolen. See my tips and best picks on how to protect yourself from identity theft.

4) Set up fraud alerts: Requesting fraud alerts notifies creditors that they need extra verification before issuing credit in your name. You can request fraud alerts through any one of the three major credit bureaus; they’ll notify the others. This adds another layer of protection without completely freezing access to credit. 

5) Monitor your credit reports: Regularly check your credit reports through AnnualCreditReport.com, where you can access free reports from each bureau once per year or more frequently if you’re concerned about fraud. Spotting unauthorized accounts early can prevent larger financial damage.

6) Change passwords and use a password manager: Update passwords on any accounts tied to compromised data. Use unique passwords that are hard to guess and let a password manager do the heavy lifting by generating secure ones for you. Reused passwords are an easy target after breaches. Consider password managers for convenience and security. Get more details about my best expert-reviewed password managers of 2025 here.

7) Be wary of social engineering attacks: Hackers may use stolen details like names or birthdates from breaches in phone scams or fake customer service calls designed to trick you into revealing more sensitive info. Never share personal details over unsolicited calls or emails. Social engineering attacks rely on trust, and vigilance is key.

HACKERS USING MALWARE TO STEAL DATA FROM USB FLASH DRIVES

Kurt’s key takeaway

Attackers have frequently targeted Ascension, but the company does not seem to be learning its lesson. If it were a one-off incident, it might be understandable. But how do you fail to strengthen cybersecurity after experiencing a nationwide blackout? Rather than being an isolated event, this breach feels like part of a larger pattern. The industry relies on complex vendor networks and outdated IT systems, while cybercriminals continue to exploit emerging vulnerabilities.

Should hospitals be penalized for neglecting basic cybersecurity practices? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.



Fox News

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *