ChristianaCare vendor Oracle Health exposed in cybersecurity incident
Show Caption Hide Caption Millions of Americans personal info hacked in data breach Millions of Social Security numbers were hacked after a massive data breach. Here's how to protect yourself.
ChristianaCare has announced that a cybersecurity incident of its third-party electronic medical records vendor Oracle Health, formerly Cerner Corp., exposed patients' information and medical records.
Delaware's largest health care provider did not release the number of affected patients, but letters are being mailed to patients whose information was involved in this incident.
The data varied by patient, but it could include names; Social Security numbers; and patient medical records, such as medical record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.
DATA BREACH: How to protect your information after it has been compromised
"ChristianaCare’s IT systems were not impacted, and there was no disruption to ChristianaCare’s clinical operations," according to a Nov. 26 statement issued by ChristianaCare.
When did the data breach occur?
Oracle Health informed ChristianaCare in April that an unauthorized third party gained access to legacy Cerner systems as early as Jan. 22.
On Sept. 29, Oracle Health provided ChristianaCare with a list of patients whose information may have been involved in the breach.
The data breach affected multiple health care organizations across the countr
ChristianaCare cybersecurity rating report: https://www.rankiteo.com/company/christianacare
"id": "CHR1764431992",
"linkid": "christianacare",
"type": "Breach",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'unknown (letters '
'mailed to affected '
'patients)',
'industry': 'healthcare',
'location': 'Delaware, USA',
'name': 'ChristianaCare',
'size': "Delaware's largest healthcare "
'provider',
'type': 'healthcare provider'},
{'customers_affected': 'multiple '
'healthcare '
'organizations '
'nationwide',
'industry': 'healthcare IT / electronic '
'medical records',
'location': None,
'name': 'Oracle Health (formerly Cerner '
'Corp.)',
'size': None,
'type': 'vendor'}],
'customer_advisories': 'letters mailed to affected patients',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'likely (unauthorized '
'access confirmed)',
'file_types_exposed': ['text records', 'images'],
'number_of_records_exposed': None,
'personally_identifiable_information': ['names',
'Social '
'Security '
'numbers',
'medical '
'record '
'numbers'],
'sensitivity_of_data': 'high (includes Social '
'Security numbers and '
'medical records)',
'type_of_data_compromised': ['personal '
'information',
'medical records']},
'date_detected': '2024-01-22',
'date_publicly_disclosed': '2024-11-26',
'description': 'ChristianaCare announced that a cybersecurity '
'incident involving its third-party electronic '
'medical records vendor, Oracle Health (formerly '
"Cerner Corp.), exposed patients' personal and "
'medical information. The breach affected '
'multiple healthcare organizations nationwide. '
'The exposed data varied by patient but may '
'include names, Social Security numbers, medical '
'record numbers, doctors, diagnoses, medicines, '
'test results, images, care, and treatment '
'details. ChristianaCare’s IT systems were not '
'impacted, and clinical operations remained '
'undisrupted.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': ['names',
'Social Security numbers',
'medical record numbers',
'doctors',
'diagnoses',
'medicines',
'test results',
'images',
'care and treatment details'],
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'high (Social Security numbers '
'exposed)',
'legal_liabilities': None,
'operational_impact': 'none (ChristianaCare’s IT '
'systems and clinical '
'operations were not disrupted)',
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': ['legacy Cerner systems (Oracle '
'Health)']},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': ['patient '
'medical '
'records',
'Social '
'Security '
'numbers'],
'reconnaissance_period': None},
'investigation_status': 'ongoing (patient notifications in '
'progress)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': '2024-11-26',
'source': 'ChristianaCare public statement',
'url': None},
{'date_accessed': None,
'source': 'News report on data breach (caption: '
"'Millions of Americans' personal info "
"hacked in data breach')",
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'letters mailed to '
'affected patients',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'unauthorized third party',
'title': 'ChristianaCare Vendor Oracle Health Cybersecurity '
'Incident',
'type': ['data breach', 'unauthorized access']}