Ascendant Health Systems, a network of 38 hospitals across the Southeast, has disclosed a data breach affecting 4.2 million patients. The attackers exploited a zero-day vulnerability in the organization's patient portal software to exfiltrate names, Social Security numbers, medical diagnoses, and insurance information over a three-week period.
The breach was discovered after an internal security audit flagged unusual data transfer patterns on March 28. Forensic investigators traced the intrusion to a Russian-speaking ransomware group known as BlackStar, which has demanded a $15 million ransom.
Ascendant is offering affected patients two years of free credit monitoring and has engaged CrowdStrike for incident response. The HHS Office for Civil Rights has opened a HIPAA compliance investigation.
