The Aultman Health System has notified its patients that Cerner, a vendor it uses, has been affected by a third-party data breach that may affect some individuals' personal information.
"At Aultman, safety remains our highest priority. With that in mind, we wanted to share the Cerner Corporation, a company Aultman partners with to provide electronic medical record services, recently made us aware of a security event in which a third party gained access to protected health information on some Cerner systems. No active Aultman systems were impacted by this incident," the hospital system said.
According to Aultman, the breach happened as early as Jan. 22, 2025, on "legacy Cerner systems."
"The vendor later informed us that law enforcement investigators directed a delay in notifying patients, as well as hospital customers, about this incident because it could have impeded their investigation," the hospital system said.
Impacted data may include:
- Names
- Social Security numbers
- Patient medical records that may include record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.
"We are coordinating closely with the vendor. As soon as the vendor learned of the incident, the vendor initiated its critical incident response process and took steps to secure the impacted systems. The vendor also began an investigation and engaged external cybersecurity specialists to help. The vendor also engaged with federal law enforcement," the hospital system said.
Cerner is offering complementary identity protection services through Experian to patients affected by the breach.
Anyone with questions about the breach or those who would like to enroll in credit monitoring services may call Cerner at 1-833-918-1127 and reference engagement number "B156918" for more information.
