Ascension ransomware attack caused by employee error. US healthcare system Ascension has disclosed that the ransomware attack the company sustained last month was caused by an employee who accidentally downloaded a malicious file. The company added, "At this point, we now have evidence that indicates that the attackers were able to take files from a small number of file servers used by our associates primarily for daily and routine tasks. These servers represent seven of the approximately 25,000 servers across our network. Though we are still investigating, we believe some of those files may contain Protected Health Information (PHI) and Personally Identifiable Information (PII) for certain individuals, although the specific data may differ from individual to individual." This one caught my eye, as I worked with a company that had this exact same thing happen, They had no end point security at the time other then basic laptop AV, and no network segmentation. They basically relied on the IPS/IDS of the firewall to do it all, and it cant. Source: https://thecyberwire.com/