On April 21, 2025, Union Health affiliates, including Union Hospital, Inc. and Union Medical Group (collectively “Union Health”) mailed notification letters to certain Union Health patients whose personal information was involved in the Oracle Health/Cerner incident.

An unknown party contacted Union Health claiming they had some patient information in their possession, which we verified on February 24, 2025. Union Health then identified the information as likely relating to data migration services performed by Oracle Health/Cerner, and proactively reached out to Oracle Health/Cerner for confirmation. We also immediately began an investigation with the assistance of cybersecurity specialists and notified law enforcement.

On March 15, 2025, Oracle Health/Cerner informed Union Health that it did have  a cybersecurity event involving unauthorized access to data hosted in Oracle Health/Cerner’s data migration environment. Oracle Health/Cerner further informed us that, on February 20, 2025, they first became aware of the incident and that their investigation identified the unauthorized party’s initial access as taking place sometime after January 22, 2025. On March 22, 2025, Oracle Health/Cerner provided us with a list of Union Health patients whose information was involved.

It is important to note that the incident occurred on Oracle Health/Cerner’s system, not Union Health’s systems.  In other words, this incident did not involve access to, or a compromise of, any Union Health owned, operated or administered systems, including  Union Health’s live EHR. 

Per Oracle Health/Cerner, the files involved in the incident contained information that varied per patient but could have included patients’ names and one or more of the following: Social Security numbers, driver’s license numbers, dates of birth, treating physicians, dates of service, medication information, insurance information and treatment and/or diagnostic information.

While the incident did not impact Union Health’s own network, we are notifying patients of this incident and sharing the steps that we are taking in response. We remain committed to upholding high standards of custodianship of Union Health information held by our third-party vendors, including Oracle Health/Cerner. Union Health is offering complimentary identity monitoring services to patients. Additionally, it is always a good idea for patients to review statements they receive related to their healthcare provider or health insurer. If they identify charges for services they did not receive, they should contact the healthcare entity or health insurer immediately.

We also established a dedicated, toll-free call center to help answer questions about the data incident. The call center can be reached at 1-888-562-7131, Monday through Friday, between 9:00 am and 9:00 pm Eastern Time, excluding major U.S. holidays.