AAH
Company Details
Linkedin ID:
advocate-aurora-health
Employees number:
15,059
Number of followers:
78,983
NAICS:
62
Industry Type:
Homepage:
advocateaurorahealth.org
IP Addresses:
0
Company ID:
ADV_1090924
Scan Status:
In-progress
Advocate Aurora Health Company CyberSecurity Posture
advocateaurorahealth.org
Advocate Aurora Health and Atrium Health are now Advocate Health – the fifth-largest nonprofit integrated health system in the U.S. Advocate Health is the fifth-largest nonprofit integrated health system in the United States –created from the combination of Advocate Aurora Health and Atrium Health. Providing care under the names Advocate Health Care in Illinois, Atrium Health in the Carolinas, Georgia and Alabama, and Aurora Health Care in Wisconsin, Advocate Health is a national leader in clinical innovation, health outcomes, consumer experience and value-based care, with Wake Forest University School of Medicine serving as the academic core of the enterprise. Headquartered in Charlotte, North Carolina, Advocate Health serves nearly 6 million patients and is engaged in hundreds of clinical trials and research studies. It is nationally recognized for its expertise in cardiology, neurosciences, oncology, pediatrics and rehabilitation, as well as organ transplants, burn treatments and specialized musculoskeletal programs. Advocate Health employs nearly 150,000 team members across 67 hospitals and over 1,000 care locations, and offers one of the nation’s largest graduate medical education programs with over 2,000 residents and fellows across more than 200 programs. Committed to equitable care for all, Advocate Health provides nearly $5 billion in annual community benefits. Learn more: advocatehealth.org Read our social media community engagement guidelines: aah.org/social
Advocate Aurora Health A.I CyberSecurity Scoring
AAH Risk Score (AI oriented)Between 700 and 749
AAH
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AAH Global Score (TPRM)XXXX
AAH
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AAH Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Advocate Aurora Health
Breach
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, experienced a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH's websites which is a tracker that helps website operators understand how visitors interact with the site. The incident compromised information including the IP address, Dates, times, and locations of scheduled appointments, Proximity to an AAH location, Medical provider information, Type of appointment or procedure, and Communications between MyChart users, which may have included first and last names and medical record numbers, Insurance information, Proxy account information etc of about 3 million people.
AAH Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AAH
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Advocate Aurora Health in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Advocate Aurora Health in 2026.
Incident Types AAH vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Advocate Aurora Health in 2026.
Incident History — AAH (X = Date, Y = Severity)
AAH cyber incidents detection timeline including parent company and subsidiaries
AAH Company Subsidiaries
Advocate Aurora Health and Atrium Health are now Advocate Health – the fifth-largest nonprofit integrated health system in the U.S. Advocate Health is the fifth-largest nonprofit integrated health system in the United States –created from the combination of Advocate Aurora Health and Atrium Health. Providing care under the names Advocate Health Care in Illinois, Atrium Health in the Carolinas, Georgia and Alabama, and Aurora Health Care in Wisconsin, Advocate Health is a national leader in clinical innovation, health outcomes, consumer experience and value-based care, with Wake Forest University School of Medicine serving as the academic core of the enterprise. Headquartered in Charlotte, North Carolina, Advocate Health serves nearly 6 million patients and is engaged in hundreds of clinical trials and research studies. It is nationally recognized for its expertise in cardiology, neurosciences, oncology, pediatrics and rehabilitation, as well as organ transplants, burn treatments and specialized musculoskeletal programs. Advocate Health employs nearly 150,000 team members across 67 hospitals and over 1,000 care locations, and offers one of the nation’s largest graduate medical education programs with over 2,000 residents and fellows across more than 200 programs. Committed to equitable care for all, Advocate Health provides nearly $5 billion in annual community benefits. Learn more: advocatehealth.org Read our social media community engagement guidelines: aah.org/social
Loading...
AAH Similar Companies
Texas Children's Hospital
Texas Children’s Hospital is a world-class pediatric facility, nationally recognized as a top children’s hospital, and voted one of the best places to work in Houston for nine years running. We’re committed to creating a healthy community for children by providing the best pediatric care possible, t
For more than 100 years, Children’s Healthcare of Atlanta has depended on clinical and nonclinical employees to help make kids better today and healthier tomorrow. Consistently ranked as one of the leading pediatric healthcare systems in the country by U.S. News & World Report, Children’s is the onl
American Medical Response
American Medical Response, America’s leading provider of medical transportation, has a single mission: making a difference by caring for people in need. AMR solutions include 911 emergency, interfacility transportation, event medical, advanced & basic life support transports and federal disaster res
Advocate Health Care is proud to be a part of Advocate Health, the third-largest nonprofit integrated health system in the U.S. Advocate Health is the third-largest nonprofit, integrated health system in the United States, created from the combination of Advocate Aurora Health and Atrium Health. Pr
Baylor Scott & White Health
With us by your side, there's no stopping you. It's why we're creating a new kind of healthcare at Baylor Scott & White. And we're just getting started. As the largest not-for-profit health system in the state of Texas, Baylor Scott & White promotes the health and well-being of every individual, fa
Bon Secours Mercy Health
On September 1, 2018 Bon Secours Health System and Mercy Health combined to become the United States’ fifth largest Catholic health care ministry and one of the nation’s 20 largest health care systems. With 48 hospitals, thousands of providers, over 1,000 points of care and over 60,000 employees Bon
NYU Langone Health
NYU Langone Health is a fully integrated health system that consistently achieves the best patient outcomes through a rigorous focus on quality that has resulted in some of the lowest mortality rates in the nation. Vizient Inc. has ranked NYU Langone No. 1 out of 118 comprehensive academic medical c
Clear and confident health care decisions begin with questions. At Labcorp, we’re constantly in pursuit of answers. As a global leader of innovative and comprehensive laboratory services, we help doctors, hospitals, pharmaceutical companies, researchers and patients make clear and confident decisi
Norton Healthcare is a leader in serving adult and pediatric patients from throughout Greater Louisville, Southern Indiana, the commonwealth of Kentucky and beyond. The not-for-profit hospital and health care system is Louisville’s second largest employer, with more than 18,600 employees, over 1,75
.png)
AAH CyberSecurity News
January 04, 2026 08:00 AM
Healthcare Data Breach Statistics
In 2023, 725 data breaches were reported to OCR and across those breaches, more than 133 million records were exposed or impermissibly disclosed.
December 01, 2025 08:00 AM
Health care organizations: A cyber criminal’s treasure trove
Health care organizations are increasingly targeted by cybercriminals, putting sensitive patient data and practice operations at risk,...
June 23, 2025 07:00 AM
The top 10 nonprofit health systems by 2024 operating revenue
Operating revenues popped across fiscal 2024 as many of the largest nonprofits combined strong demand with capacity increases.
May 28, 2025 07:00 AM
Shields Health Care Group settles breach lawsuit for $15.35M
Learn about a proposed data breach settlement that requires Shields Health Care Group to pay $15.35 million over a breach that hit over 2...
April 29, 2025 07:00 AM
Health Insurance Provider Blue Shield of California Discloses Accidental Sharing of Customer Health Data Via Google Analytics
A major data breach at health insurance giant Blue Shield of California appears to be a case of misconfiguring advertising analytics tools.
March 24, 2025 07:00 AM
A Survey on Internet of Medical Things (IoMT): Enabling Technologies, Security and Explainability Issues, Challenges, and Future Directions
Internet of Medical Things (IoMT) paradigm refers to the process of collection, transmission and analysis of healthcare data using...
January 21, 2025 08:00 AM
4 Takeaways from the J.P. Morgan Healthcare Conference
Health care executives continue to reimagine and reshape their organizations. Their ideas were developing in real time during last week's...
December 22, 2024 08:00 AM
Inside Aurora's Thriving Tech Hub: Startups and Success Stories
Discover the booming tech hub in Aurora, Illinois, US. Learn about startups, support systems, education, and future prospects in Aurora's...
November 19, 2024 08:00 AM
Advocate Aurora Looks to Kill Health Plan Tobacco Penalty Suit
Advocate Aurora Health Inc. defended its practice of charging tobacco-using employees more for health coverage, saying the workers...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AAH CyberSecurity History Information
Official Website of Advocate Aurora Health
The official website of Advocate Aurora Health is http://www.advocateaurorahealth.org.
Advocate Aurora Health’s AI-Generated Cybersecurity Score
According to Rankiteo, Advocate Aurora Health’s AI-generated cybersecurity score is 742, reflecting their Moderate security posture.
How many security badges does Advocate Aurora Health’ have ?
According to Rankiteo, Advocate Aurora Health currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Advocate Aurora Health been affected by any supply chain cyber incidents ?
According to Rankiteo, Advocate Aurora Health has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Advocate Aurora Health have SOC 2 Type 1 certification ?
According to Rankiteo, Advocate Aurora Health is not certified under SOC 2 Type 1.
Does Advocate Aurora Health have SOC 2 Type 2 certification ?
According to Rankiteo, Advocate Aurora Health does not hold a SOC 2 Type 2 certification.
Does Advocate Aurora Health comply with GDPR ?
According to Rankiteo, Advocate Aurora Health is not listed as GDPR compliant.
Does Advocate Aurora Health have PCI DSS certification ?
According to Rankiteo, Advocate Aurora Health does not currently maintain PCI DSS compliance.
Does Advocate Aurora Health comply with HIPAA ?
According to Rankiteo, Advocate Aurora Health is not compliant with HIPAA regulations.
Does Advocate Aurora Health have ISO 27001 certification ?
According to Rankiteo,Advocate Aurora Health is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Advocate Aurora Health
Advocate Aurora Health operates primarily in the Hospitals and Health Care industry.
Number of Employees at Advocate Aurora Health
Advocate Aurora Health employs approximately 15,059 people worldwide.
Subsidiaries Owned by Advocate Aurora Health
Advocate Aurora Health presently has no subsidiaries across any sectors.
Advocate Aurora Health’s LinkedIn Followers
Advocate Aurora Health’s official LinkedIn profile has approximately 78,983 followers.
NAICS Classification of Advocate Aurora Health
Advocate Aurora Health is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Advocate Aurora Health’s Presence on Crunchbase
Yes, Advocate Aurora Health has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/advocate-aurora-health.
Advocate Aurora Health’s Presence on LinkedIn
Yes, Advocate Aurora Health maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/advocate-aurora-health.
Cybersecurity Incidents Involving Advocate Aurora Health
As of January 21, 2026, Rankiteo reports that Advocate Aurora Health has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Advocate Aurora Health has an estimated 31,578 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Advocate Aurora Health ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Advocate Aurora Health Data Breach
Description: Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, experienced a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH's websites which is a tracker that helps website operators understand how visitors interact with the site. The incident compromised information including the IP address, Dates, times, and locations of scheduled appointments, Proximity to an AAH location, Medical provider information, Type of appointment or procedure, and Communications between MyChart users, which may have included first and last names and medical record numbers, Insurance information, Proxy account information etc of about 3 million people.
Type: Data Breach
Attack Vector: Improper use of Meta Pixel
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ADV058241022
Data Compromised: Ip address, Dates, times, and locations of scheduled appointments, Proximity to an aah location, Medical provider information, Type of appointment or procedure, Communications between mychart users, First and last names, Medical record numbers, Insurance information, Proxy account information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Ip Address, Dates, Times, And Locations Of Scheduled Appointments, Proximity To An Aah Location, Medical Provider Information, Type Of Appointment Or Procedure, Communications Between Mychart Users, First And Last Names, Medical Record Numbers, Insurance Information, Proxy Account Information and .
Which entities were affected by each incident ?
Incident : Data Breach ADV058241022
Entity Name: Advocate Aurora Health
Entity Type: Healthcare System
Industry: Healthcare
Location: WisconsinIllinois
Size: 26 hospitals
Customers Affected: 3000000
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ADV058241022
Type of Data Compromised: Ip address, Dates, times, and locations of scheduled appointments, Proximity to an aah location, Medical provider information, Type of appointment or procedure, Communications between mychart users, First and last names, Medical record numbers, Insurance information, Proxy account information
Number of Records Exposed: 3000000
Personally Identifiable Information: First and last namesMedical record numbersInsurance information
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were IP address, Dates, times, and locations of scheduled appointments, Proximity to an AAH location, Medical provider information, Type of appointment or procedure, Communications between MyChart users, First and last names, Medical record numbers, Insurance information, Proxy account information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Communications between MyChart users, First and last names, Type of appointment or procedure, Proxy account information, Medical provider information, Dates, times, and locations of scheduled appointments, IP address, Medical record numbers, Insurance information and Proximity to an AAH location.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 300.0.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=advocate-aurora-health' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
