NASHVILLE, Tenn. (WKRN) — A patient has filed a massive class action lawsuit against Ascension St. Thomas Hospital.
The lawsuit alleges that personal information, including dates of birth, Social Security numbers and health insurance numbers, was illegally obtained through the hack.
The plaintiffs allege that the hospital “failed to take appropriate measures to protect the personal information” of patients.
Earlier this month, Ascension Hospital suffered a cybersecurity attack that forced staff to operate under downtime procedures that were put in place, with everything being tracked manually.
As Ascension Hospital patients continue to seek treatment, a retired FBI special agent told News 2 there are things current patients can do to protect their information.
“When bad guys steal your stuff, the police aren't going to come in with a magic wand and get your stuff back, your money, your papers,” former FBI special agent Scott Augenbaum told me. “It's really, really hard to put bad guys in jail, because they're overseas.”
Augenbaum explained that when he heard about the Ascension ransomware, he wasn't shocked.
“The problem in healthcare is that cybercriminals continue to target healthcare, and healthcare views cybersecurity as a cost rather than an investment,” Augenbaum said.
Augenbaum told News 2 that while he worked in the FBI's Cybercrimes Unit, he regularly dealt with cybersecurity hacks and ransomware in the healthcare sector.
“All of these systems need to be patched,” Augenbaum said. “They need the latest technology updates. Oftentimes, organizations don't know where their information is. It's all over the place. It's in the cloud, which makes it very difficult. Cybercriminals can find vulnerabilities in systems and exploit them.”
He added that a significant percentage of hacking entry points are usually preventable.
“Almost 90 percent of the issues I've dealt with could have been easily prevented if end users had what I call a cybersecurity mindset,” Augenbaum says. “It's not just about spending money; it's about making cybersecurity part of your organizational culture and your personal culture at home.”
⏩ Read today's top stories on wkrn.com
Augenbaum encourages patients still under Ascension's care to freeze their credit bureaus, think before you click, have a variety of passwords and use two-factor authentication.
“When Blue Cross Blue Shield had hackers steal all my information, I had no choice,” Augenbaum explains. “What do I do? Do I switch to another health plan? Unfortunately, we are all at the mercy of our healthcare organizations, and they have to respond.”
Ascension Hospital's last release was last Tuesday, which read in part, “Ascension Hospital is working with industry-leading cybersecurity experts to investigate the recent ransomware attack and continue to safely rebuild and restore our systems.”
