ST. LOUIS, Mo (Civic Media) – One of the largest nonprofit health systems in the United States is working to restore operations after a ransomware attack caused widespread disruptions last month.

Ascension, which operates more than 2,600 locations in 19 states, revealed this week that the May cyberattack was caused by an employee who accidentally downloaded a malicious file onto the company’s network.

The ransomware attack crippled Ascension’s electronic health records system MyChart, phone lines, and systems used for ordering tests, procedures and medications. Hospitals were forced to divert ambulances, postpone non-emergency procedures, and track patient information using paper records.

An investigation found the attackers stole files from seven servers potentially containing protected health information and personal data, though full patient records do not appear to have been accessed.

“We regret any disruption or concern you may have experienced as a result of this incident,” an Ascension spokesperson said, calling it an “honest mistake” by the employee.

More than two weeks later, Ascension is still working to bring back online some systems like patient portals and medication ordering. The incident raised concerns about patient safety due to delays in retrieving test results, medical images and administering drugs.

Locally, Ascension has locations in West Allis, Racine, New Berlin, Oak Creek, and Franklin.

Ascension is offering free credit monitoring while its investigation continues into determining what data was compromised.