On November 27, 2023, Ardent Health Services posted a website notice describing a recent and ongoing cybersecurity incident affecting its computer network. In this notice, Ardent Health explains that the incident stemmed from a ransomware attack, which the company is still in the process of investigating. Upon completing its investigation, if Ardent Health determines that confidential patient information was subject to unauthorized access, it will send data breach letters to all patients whose information was affected by the recent data security incident.
If you receive a data breach notification from Ardent Health Services, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following any possible Ardent Health Services data breach. For more information, please see our recent piece on the topic here.
Was There an Ardent Health Services Data Breach?
The cyberattack against Ardent Health Services was only recently announced, and more information is expected in the near future. Thus, at this point, it’s too soon to determine if there has been an Ardent Health data breach. However, Ardent Health’s website notice provides some important information on what led up to the breach.
According to this source, on November 23, 2023, Ardent Health learned of a technology cybersecurity incident. In response, Ardent Health secured its system and then launched an investigation with the help of third party data security specialists into the cause and impact of the incident.
The Ardent Health investigation is ongoing, and the company is still working to restore its information technology operations. In the meantime, Ardent Health is diverting some patients to other area facilities.
Ardent Health’s investigation has not yet concluded whether any patient data was leaked, although that will undoubtedly be a part of the investigation.
If Ardent Health Services concludes that patient information was compromised, it will be required to send out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
According to the most recent website notices, the following facilities appear to be among those that were affected by the recent ransomware attack:
- Pascack Valley Medical Center
- Mountainside Medical Center
- Lovelace Health System
- Hillcrest HealthCare System
- U of Kansas Health System — St. Francis campus
- Portneuf Medical Center
- BSA Health System
More Information About Ardent Health Services
Ardent Health Services is a healthcare system based out of Nashville, Tennessee. Ardent Health and its subsidiaries own and operate 30 hospitals and more than 200 healthcare facilities, employing more than 1,400 providers in six states. Ardent Health Services employs more than 23,000 people and generates approximately $2.3 billion in annual revenue.
