FOX23 speaks with IT expert following ransomware attack on Ascension St. John | News | #ransomware | #cybercrime

TULSA, Okla. — FOX23 learned new details about the ransomware attack on Ascension St. John and spoke with an IT expert who specializes in protecting hospitals from information breaches to find out what you need to know.

An anonymous source also spoke with FOX23 and shared what they have heard.

A ransomware attack on Ascension St. John isn’t the only attack on the network as they join 10 other states that were affected.

“I think in any situation like this it’s important to recognize that an incident occurred,” said Carrie Randolph, who works for Go Security Pro in Tulsa. “I work with a lot of hospitals on the day-to-day doing HIPAA-focused risk assessments.”

Randolph said with attacks such as this, the most important thing is protecting your data.

“Me personally, my primary care physician is from St. John and my first thought and everyone else’s first thought is how am I impacted personally,” Randolph said.

An anonymous source from Ascension St. John reached out to FOX23 last week to share what they were hearing. They said they were told to call it an “IT disturbance” and the group to blame is “Black Basta from Russia.”

The source also said the bosses said “not to post” anything about this on “social media.”

They have no idea what info was “compromised”.

“Organizations the size and scope of St. Johns, they have plans in place, business continuity and disaster recovery,” Randolph said.

FOX23 reached out to Ascension St. John on Friday and again on Monday for a response to the claims and both times we were referred to the media releases.

The most recent one was on Monday at 4:30 p.m. and can be read below.

“All Ascension St. John hospitals, physician offices, and care sites across the state remain open and operational. Despite the challenges posed by the recent ransomware incident, patient safety continues to be our utmost priority. Our dedicated doctors, nurses, and care teams are demonstrating incredible thoughtfulness and resilience as we utilize manual and paper based systems during the ongoing disruption to normal systems.”

Ascension also said they have notified the FBI.

“This is very much a wait and see kind of thing. Again there is cause for concern because at this point we do know that they had a ransomware event, we just don’t know the extent of that event,” Randolph said.

Randolph said Ascension is doing what they are supposed to by letting people know, but she explained what you need to know as a consumer or patient.

“Change any passwords. If you had a password you used to log into a website for St. John’s, change and rotate that password to something that is secure. If you have used that same password in another site, maybe you have used that password to log into your bank account that you used in your ‘My Patient Portal’. If those passwords are the same, if I am an attacker, I will try and use it in different places,” Randolph said.

There is a lot of information on Ascension’s website including a question and answer list showing exactly how situations involving your care, medications and appointments are being handled.

You can find all of that information, by clicking here.

Source link


National Cyber Security