Ascension Seton

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Ascension Seton, a healthcare system based in Austin, Texas, experienced a data breach involving its legacy websites, Seton.net and DellChildrens.net, on March 1-2, 2023. The breach was managed by a third-party vendor, Vertex, which alerted law enforcement and hired a forensic investigator to study the event[1][2][4]. Over 18,000 patients in Texas may have had their data compromised, including those from Austin-based Ascension Seton and Waco-based Ascension Providence[7].

The compromised information potentially includes names, addresses, email addresses, phone numbers, insurance information, Social Security numbers (or tax identification numbers), credit card numbers, and other clinical information[1][2][4]. However, Ascension Seton believes that no information was removed from the affected systems or misused[1][2][4]. The Ascension networks and medical record systems were not affected by this incident[1][2][4].

In response to the breach, Ascension Seton has taken several steps to prevent future incidents. These include shutting down the affected sites and creating new ones hosted by Ascension, reviewing processes for vendor-hosted websites, and reviewing the type of information collected on these sites[1][2][4]. Affected individuals have been notified and offered complimentary credit and identity theft protection services, especially those whose Social Security numbers, credit card information, and/or insurance numbers were impacted[1][2][4].

The incident has been reported to the Office for Civil Rights in accordance with obligations under the HIPAA rules[1]. Ascension Seton has set up a dedicated assistance line for those affected by the breach, available at 866-547-1504[1][2].

This breach is part of a larger trend of increasing cybersecurity threats targeting healthcare systems. A study published by researchers at the University of Minnesota found that ransomware attacks against American healthcare systems doubled between 2016 and 2021, exposing the personal health information of some 42 million people[2].

Citations:

  1. https://www.kvue.com/article/tech/ascension-seton-data-breach/269-867e930c-d8d8-41dd-8695-eb93b17ab1ae
  2. https://www.kut.org/health/2023-06-07/ascension-seton-austin-hospital-data-breach
  3. https://www.kxan.com/news/local/austin/austin-police-association-files-petition-asking-court-to-intervene-on-police-oversight-lawsuit/
  4. https://www.kxan.com/news/local/austin/ascension-seton-social-security-numbers-credit-cards-impacted-by-security-breach/
  5. https://www.jdsupra.com/legalnews/ascension-announces-data-breach-4335354/
  6. https://www.accenture.com/us-en/careers
  7. https://www.beckershospitalreview.com/cybersecurity/18-000-ascension-patients-caught-in-data-breach.html
  8. https://s3.us-east-1.amazonaws.com/ut-dms-prod-uthealth-s3-bucket/downloads/Ascension.DCMC.Data.Breach.FINAL.06.07.2023.pdf
  9. https://perscholas.org/eligibility/
  10. https://www.fox7austin.com/news/ascension-seton-investigating-data-breach
  11. https://www.practicematch.com/physicians/jobs
  12. https://www.databreaches.net/ascension-seton-reports-data-breach-of-websites/
  13. https://www.beckershospitalreview.com/cybersecurity/ascension-seton-phi-exposed-in-vendor-breach.html
  14. https://www.kxan.com/video/ascension-seton-social-security-numbers-credit-cards-impacted-by-security-breach/8711889/
  15. https://www.msdlegal.com/blog/2023/06/ascension-seton-data-breach-class-action-investigation/
Breach Submission Date Jun 06, 2023
Converted Entity Name Ascension Seton
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 17,191
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes