Skip to main content
Michigan’s nonpartisan, nonprofit news source

Informing you and your community in 2025

Bridge Michigan’s year-end fundraising campaign is happening now! As we barrel toward 2025, we are crafting our strategy to watchdog Michigan’s newly elected officials, launch regional newsletters to better serve West and North Michigan, explore Michigan’s great outdoors with our new Outdoor Life reporter, innovate our news delivery and engagement opportunities, and much more!

Will you help us prepare for the new year? Your tax-deductible support makes our work possible!

Pay with VISA Pay with MasterCard Pay with American Express Pay with PayPal Donate

Ascension, owner of 15 Michigan hospitals, confirms cyberattack was ransomware

Phone lock to protect from cyber scam, online data fraud or identity theft. Laptop with hacker virus code in screen.
In its latest update about the ransomware attack, Ascension warns that it can no longer accept credit cards at its pharmacies. (Shutterstock)
  • A cyberattack at one of the nation’s largest hospital chains began last week
  • On Monday, Ascension alerted patients it can no longer take credit cards at its own pharmacies
  • Patients are asked to write down health information, including symptoms and medications, for their appointments.

June 4: Ascension Michigan pharmacies can fill drug scripts now, data crisis lingers
May 16: Ransomware update: Ascension can’t fill prescriptions at its Michigan pharmacies

Ascension hospitals, doctors offices, and other sites remain “open and operational,” but patients can expect delays, the St. Louis-based Catholic health-care giant assured patients Monday evening.

Five days after it first recognized the massive security breach, Ascension said its pharmacies can no longer take credit cards, and it acknowledged its dependence now on “manual and paper based systems” as it tries to resolve the breach.

Patients needing prescription refills at Ascension pharmacies should bring their bottles with them to the pharmacies, and “certain” hospitals continue to divert ambulances to other non-Ascension hospitals.

Related:

Retail pharmacies are able to fill prescriptions, “but also ask patients to bring their prescription bottles from a previous fill.”

The chain sought to reassure patients: “Despite the challenges posed by the recent ransomware incident, patient safety continues to be our utmost priority,” according to a statement Monday evening.

Scheduled doctor’s visits are “proceeding as planned.”

It followed Ascension’s confirmation Saturday that the cyberattack last week was, in fact, an act of “ransomware.”

The system operates 15 Michigan hospitals. It released no details on the attack, including the hackers’ demands. 

In its statement released Saturday, Ascension said it is in “close contact” with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). Ascension is sharing information with industry partners so they can protect themselves from a similar attack, the health-care giant said in its statement.

It also warned that restoring the computer system will take time.

“While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites,” according to the statement.

What patients should do 

On Monday, Ascension continued to direct patients to write down symptoms and a list of current medications or to hold onto their prescription bottles — so that medical offices can call in prescriptions.

Patients are expected to keep their appointments, although some “nonemergency procedures, tests and appointments have been temporarily paused,” Ascension has said. 

The hospital chain said it was working “around the clock” to resolve the issue, but can offer no timeline on when its operations will return to normal. 

Access to health records disrupted

The problems began Wednesday when the St. Louis-based hospital system “detected unusual activity on select technology network systems.” On Thursday, characterized the problems as a “cybersecurity event” and later that same day as a “cybersecurity incident.” 

The attack cut off access to the system’s electronic health records system. That included patient records on MyChart, which allows patients to see their records, schedule appointments and talk with providers.

It also disrupted phones as well as scheduling and testing processes, and forced the rerouting of at least some Michigan patients.

How impactful was this article for you?

Michigan Health Watch

Michigan Health Watch is made possible by generous financial support from:

Please visit the About page for more information, and subscribe to Michigan Health Watch.

Only donate if we've informed you about important Michigan issues

See what new members are saying about why they donated to Bridge Michigan:

  • “In order for this information to be accurate and unbiased it must be underwritten by its readers, not by special interests.” - Larry S.
  • “Not many other media sources report on the topics Bridge does.” - Susan B.
  • “Your journalism is outstanding and rare these days.” - Mark S.

If you want to ensure the future of nonpartisan, nonprofit Michigan journalism, please become a member today. You, too, will be asked why you donated and maybe we'll feature your quote next time!

Pay with VISA Pay with MasterCard Pay with American Express Pay with PayPal Donate Now