Ascension is the latest health system in Wisconsin to be hit by a cyberattack

A health system with numerous hospitals and clinics in Wisconsin is investigating a cyberattack that disrupted access to some technology systems. However, it is unclear whether the hack affected sensitive patient data.

St. Louis-based Ascension said it detected “unusual activity” on select network systems Wednesday that it believes was caused by a “cybersecurity event.”

Ascension is working with an outside expert to find a solution. The health system said it is working to determine what information may have been affected by the breach. If sensitive information is affected, Ascension said it will notify those affected.

“Our care teams are trained to respond to these types of disruptions and have procedures in place to ensure patient care continues to be safe and minimized,” the health care provider said in a statement. “There has been a disruption to clinical operations and we continue to assess the impact and duration of the disruption.”

Ascension did not immediately respond to a request for comment.

Alex Holden is the chief information security officer at Hold Security, a Mequon-based cybersecurity company. Based on Ascension’s public statements about the breach, he said it appears the attack was not a “full breach” of its network.

“They are also encouraging their partners to cut technology ties with Ascension for the time being,” he said. “They appear to be either being exploited by a particular party or there is a risk that the breach will not be fully contained – and it could also affect their partners.”

Last year, a cyberattack caused a system-wide outage at HSHS and Prevea, impacting clinical and administrative communications systems. In early 2024, Group Health Cooperative of South Central Wisconsin, a nonprofit managed healthcare organization, also suffered a cyberattack that resulted in the disclosure of patients’ personal information.

According to the New York Times, hospital systems have become increasingly targeted by hackers in recent years. The Times reports that healthcare is one of the industries most vulnerable to cyberattacks because medical records can be sold for a lot of money.

There were a record 725 data breaches involving 500 or more records last year, up from 720 such breaches the previous year, according to health news outlet HIPAA Journal.

Holden, of cybersecurity firm Mequon, said medical information can be more valuable to hackers than financial information because financial information can become relatively useless over time. That’s because it’s relatively easy to cancel a credit or debit card, but the medical information doesn’t change over time.

“It’s always valuable and always historically accurate,” he said of medical information. “Protecting medical information is much more personal to people than protecting financial information, which is relatively easy to change.”

Holden also said health systems’ protections against hackers could become outdated very quickly. He assumes that cyber attacks on the healthcare system will continue to increase in the coming years.

“This is all increasing and getting worse every year because the hacks are becoming more sophisticated,” he said. “The bad guys are getting smarter and smarter. They know more about medical systems than they did months and years ago.”

That’s why it’s important for health systems to be “cybersecurity aware” and keep their technologies up to date, Holden said.

Employee training is also an important component in defending against cyber attacks, he added.

“They need to be involved in the cybersecurity of the company because there is a human element to the breaches right now,” Holden said. “If we are more knowledgeable about cybersecurity, we are more likely to be able to prevent these breaches by identifying the signs earlier and preventing breaches from getting worse or even occurring in the first place.”