OSF HealthCare
Company Details
Linkedin ID:
osf-healthcare
Website:
Employees number:
12,123
Number of followers:
44,750
NAICS:
62
Industry Type:
Homepage:
osfhealthcare.org
IP Addresses:
75
Company ID:
OSF_3380408
Scan Status:
Completed
OSF HealthCare Company CyberSecurity Posture
osfhealthcare.org
OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF employs more than 26,000 Mission Partners across 171 locations; has two colleges of nursing; operates OSF Home Care Services, an extensive network of home health and hospice services; owns Pointcore, Inc., comprised of health care-related businesses; OSF HealthCare Foundation, the philanthropic arm for the organization; and OSF Ventures, which provides investment capital for promising health care innovation startups. In 2020, OSF OnCall was established as a digital health operating unit and includes a hospital-at-home program. OSF OnCall delivers care and services when, where and how patients prefer to receive them. OSF HealthCare has been recognized by Fortune as one of the most innovative companies in the country. OSF consistently earns recognition for showing dedication to the well-being of its Mission Partners: •America’s Best-in-State Employers | Forbes Magazine | 2018-2025 •150 Top Places to Work in Healthcare | Becker’s Healthcare | 2019, 2022-2025 •Best Employers for Women | Forbes Magazine | 2020 OSF HealthCare is an Equal Opportunity Employer (EOE). By engaging with this page, you acknowledge and agree to follow our social media terms of use, which you can find here: https://www.osfhealthcare.org/patients-visitors/terms-conditions/social-terms
OSF HealthCare A.I CyberSecurity Scoring
OSF HealthCare Risk Score (AI oriented)Between 650 and 699
OSF HealthCare
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
OSF HealthCare Global Score (TPRM)XXXX
OSF HealthCare
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
OSF HealthCare Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
Cerner CorporationOSF HealthCare, Cerner and OSF Saint Clare Medical Center: Data breach exposes sensitive patient information across multiple OSF facilities
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Cybersecurity Incident at OSF HealthCare Exposes Patient Data via Former Vendor Cerner OSF HealthCare disclosed a cybersecurity incident involving its former electronic health record (EHR) vendor, Cerner, which may have exposed sensitive patient information. The breach, detected in September, stemmed from unauthorized access to legacy Cerner systems as early as January 2024. While OSF confirmed the incident did not affect its own systems or hospital operations, it impacted multiple healthcare facilities, though only patients of OSF Saint Clare Medical Center in Princeton were formally notified. Cerner, which no longer provides services to OSF, identified the breach and launched an investigation, securing the compromised systems and engaging external cybersecurity experts. Law enforcement requested a delay in notifying affected parties to avoid interfering with the probe. OSF began notifying patients in November after Cerner completed a data review, providing a list of individuals whose information may have been accessed. Exposed data includes patient names, Social Security numbers, medical record details (such as diagnoses, medications, test results, and treatment information), and physician names. As a precaution, OSF and Cerner are offering two years of complimentary credit monitoring and identity restoration services to affected patients. The incident highlights broader vulnerabilities in third-party healthcare IT systems, with Cerner confirming the breach extended beyond OSF facilities.
OSF HealthCare
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: OSF Healthcare in Illinois was attacked and data was exfiltrated from their systems by threat actor Xing Team. Xing Team started dumping patients data which apparently belonged to 53,907 OSF patients. The dumped data included patient names and contact information; dates of birth; Social Security numbers; driver’s license numbers; state or government identification numbers; treatment and diagnosis information and codes; physician names, dates of service, hospital units, prescription information and medical record numbers; and Medicare, Medicaid or other health insurance information. OSF Healthcare offered complimentary credit monitoring and identity protection services through Experian.
OSF HealthCare
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: OSF HealthCare is committed to protecting the security and privacy of patient information suffered from a data breach incident after an unauthorized party gained access to their systems. The compromised information includes Dates of birth, Social Security numbers, driver's license numbers, state or government identification numbers, codes for diagnoses and treatments, names of the treating physicians, dates of their services, hospital units, prescription information, and medical records numbers, as well as Medicare, Medicaid, or other insurance information, are all examples of patient data. Financial account information, credit or debit card information, or login credentials for an online financial account were also present in the files involved in the incident for a smaller group of patients. They took this incident seriously and took preventive steps.
OSF HealthCare Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for OSF HealthCare
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for OSF HealthCare in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for OSF HealthCare in 2026.
Incident Types OSF HealthCare vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for OSF HealthCare in 2026.
Incident History — OSF HealthCare (X = Date, Y = Severity)
OSF HealthCare cyber incidents detection timeline including parent company and subsidiaries
OSF HealthCare Company Subsidiaries
OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF employs more than 26,000 Mission Partners across 171 locations; has two colleges of nursing; operates OSF Home Care Services, an extensive network of home health and hospice services; owns Pointcore, Inc., comprised of health care-related businesses; OSF HealthCare Foundation, the philanthropic arm for the organization; and OSF Ventures, which provides investment capital for promising health care innovation startups. In 2020, OSF OnCall was established as a digital health operating unit and includes a hospital-at-home program. OSF OnCall delivers care and services when, where and how patients prefer to receive them. OSF HealthCare has been recognized by Fortune as one of the most innovative companies in the country. OSF consistently earns recognition for showing dedication to the well-being of its Mission Partners: •America’s Best-in-State Employers | Forbes Magazine | 2018-2025 •150 Top Places to Work in Healthcare | Becker’s Healthcare | 2019, 2022-2025 •Best Employers for Women | Forbes Magazine | 2020 OSF HealthCare is an Equal Opportunity Employer (EOE). By engaging with this page, you acknowledge and agree to follow our social media terms of use, which you can find here: https://www.osfhealthcare.org/patients-visitors/terms-conditions/social-terms
Loading...
OSF HealthCare Similar Companies
Sentara Health
Sentara Health, an integrated, not-for-profit health care delivery system, celebrates more than 135 years in pursuit of its mission - "we improve health every day." Sentara is one of the largest health systems in the U.S. Mid-Atlantic and Southeast, and among the top 20 largest not-for-profit integr
Baptist Health
Baptist Health South Florida is the region’s largest not-for-profit healthcare organization with 12 hospitals, more than 29,000 employees, 4,500 physicians, and 200 outpatient centers, urgent care facilities, and physician practices spanning across Miami-Dade, Monroe, Broward, and Palm Beach countie
At the heart of health care, you’ll find Kaiser Permanente. As the nation’s leading not-for-profit, integrated health plan, we make a difference in the lives of members, patients, and communities across the country. With 39 hospitals and more than 734 locations in eight states and the District of
NewYork-Presbyterian Hospital
At NewYork-Presbyterian, we put patients first. It’s the kind of work that requires an unwavering commitment to excellence and a steady spirit of professionalism. And it’s a unique opportunity for you to collaborate with some of the brightest minds in health care, while building on our success as on
The Cigna Group
The Cigna Group is a global health company committed to creating a better future built on the vitality of every individual and every community. We relentlessly challenge ourselves to partner and innovate solutions for better health. The Cigna Group includes products and services marketed under Cig
Einstein Hospital Israelita
O nascimento da Sociedade Beneficente Israelita Brasileira Albert Einstein, na década de 50, resultou do compromisso da comunidade judaica em oferecer à população brasileira uma referência em qualidade da prática médica. Mas a Sociedade queria ir além da simples construção de um hospital. E assi
Atrium Health Wake Forest Baptist
Atrium Health Wake Forest Baptist is a nationally recognized academic medical center and health system based in Winston-Salem, NC, part of Advocate Health, the third-largest nonprofit health system in the United States. Atrium Health Wake Forest Baptist’s two main components are an integrated clin
Norton Healthcare is a leader in serving adult and pediatric patients from throughout Greater Louisville, Southern Indiana, the commonwealth of Kentucky and beyond. The not-for-profit hospital and health care system is Louisville’s second largest employer, with more than 18,600 employees, over 1,75
Genesis
As a premier care provider since 1985, Genesis HealthCare is a holding company with subsidiaries that, on a combined basis, provide services to skilled nursing facilities and senior living communities. Genesis also specializes in contract rehabilitation therapy, respiratory therapy, physician servic
.png)
OSF HealthCare CyberSecurity News
January 19, 2026 10:12 PM
OSF HealthCare names Sister M. Mikela Meidl as next president
Sister M. Mikela Meidl will be the next president of OSF HealthCare, as part of the transition that includes CEO Bob Sehring's retirement in...
January 19, 2026 09:47 PM
OSF HealthCare announces new president
OSF HealthCare has appointed a new president. According to a release from OSF HealthCare, Sister M. Mikela Meidl replaces current president...
January 02, 2026 08:00 AM
OSF HealthCare Foundation president to retire in April
Tom Hammerton, the president of OSF HealthCare Foundation and chief development officer for OSF HealthCare, will be retiring on April 3,...
January 01, 2026 08:00 AM
OSF HealthCare Saint Francis welcomes 2026’s Baby New Year
OSF HealthCare Saint Francis Medical Center in Peoria welcomed its first babies of 2026, including two baby boys named Emmett and Atlas,...
December 30, 2025 08:00 AM
80 Hospitals May Have Been Affected by the Oracle Health Data Breach
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a security alert about the recently confirmed Oracle data breach.
December 24, 2025 08:00 AM
Data breach exposes sensitive patient information across multiple OSF facilities
OSF Saint Clare Medical Center in Princeton recently notified patients that some of their personal and medical information may have been...
December 24, 2025 08:00 AM
Leadership plan in place for OSF HealthCare
With the recent resignation of Lisa DeKezel, president of OSF HealthCare St. Mary Medical Center in Galesburg and OSF HealthCare Holy Family...
December 03, 2025 10:30 AM
Tata Elxsi, UIUC & OSF HealthCare Team Up to Expand Rural Healthcare Access in the U.S.
"Tata Elxsi, UIUC, and OSF HealthCare join forces to boost rural healthcare access in the U.S. through innovative healthcare technologies such as AI and...
December 02, 2025 08:00 AM
How OSF HealthCare is using RPM to serve maternity deserts
Brandi Clark is vice president for digital care at OSF OnCall, the virtual urgent care service of Peoria, Illinois-based OSF HealthCare.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
OSF HealthCare CyberSecurity History Information
Official Website of OSF HealthCare
The official website of OSF HealthCare is http://www.osfhealthcare.org.
OSF HealthCare’s AI-Generated Cybersecurity Score
According to Rankiteo, OSF HealthCare’s AI-generated cybersecurity score is 664, reflecting their Weak security posture.
How many security badges does OSF HealthCare’ have ?
According to Rankiteo, OSF HealthCare currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has OSF HealthCare been affected by any supply chain cyber incidents ?
According to Rankiteo, OSF HealthCare has been affected by a supply chain cyber incident involving Cerner Corporation, with the incident ID OSFCEROSF1766606283.
Does OSF HealthCare have SOC 2 Type 1 certification ?
According to Rankiteo, OSF HealthCare is not certified under SOC 2 Type 1.
Does OSF HealthCare have SOC 2 Type 2 certification ?
According to Rankiteo, OSF HealthCare does not hold a SOC 2 Type 2 certification.
Does OSF HealthCare comply with GDPR ?
According to Rankiteo, OSF HealthCare is not listed as GDPR compliant.
Does OSF HealthCare have PCI DSS certification ?
According to Rankiteo, OSF HealthCare does not currently maintain PCI DSS compliance.
Does OSF HealthCare comply with HIPAA ?
According to Rankiteo, OSF HealthCare is not compliant with HIPAA regulations.
Does OSF HealthCare have ISO 27001 certification ?
According to Rankiteo,OSF HealthCare is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of OSF HealthCare
OSF HealthCare operates primarily in the Hospitals and Health Care industry.
Number of Employees at OSF HealthCare
OSF HealthCare employs approximately 12,123 people worldwide.
Subsidiaries Owned by OSF HealthCare
OSF HealthCare presently has no subsidiaries across any sectors.
OSF HealthCare’s LinkedIn Followers
OSF HealthCare’s official LinkedIn profile has approximately 44,750 followers.
NAICS Classification of OSF HealthCare
OSF HealthCare is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
OSF HealthCare’s Presence on Crunchbase
No, OSF HealthCare does not have a profile on Crunchbase.
OSF HealthCare’s Presence on LinkedIn
Yes, OSF HealthCare maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/osf-healthcare.
Cybersecurity Incidents Involving OSF HealthCare
As of January 23, 2026, Rankiteo reports that OSF HealthCare has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
OSF HealthCare has an estimated 31,604 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at OSF HealthCare ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Data Leak and Breach.
How does OSF HealthCare detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with experian, and remediation measures with complimentary credit monitoring and identity protection services, and incident response plan activated with yes (by cerner), and third party assistance with external cybersecurity specialists, and law enforcement notified with yes, and containment measures with secured affected systems, and communication strategy with delayed patient notification at the request of investigators..
Incident Details
Can you provide details on each incident ?
Title: Data Exfiltration at OSF Healthcare
Description: OSF Healthcare in Illinois was attacked and data was exfiltrated from their systems by threat actor Xing Team. Xing Team started dumping patients data which apparently belonged to 53,907 OSF patients. The dumped data included patient names and contact information; dates of birth; Social Security numbers; driver’s license numbers; state or government identification numbers; treatment and diagnosis information and codes; physician names, dates of service, hospital units, prescription information and medical record numbers; and Medicare, Medicaid or other health insurance information. OSF Healthcare offered complimentary credit monitoring and identity protection services through Experian.
Type: Data Breach
Threat Actor: Xing Team
Title: OSF HealthCare Data Breach
Description: OSF HealthCare suffered from a data breach incident after an unauthorized party gained access to their systems.
Type: Data Breach
Title: OSF Healthcare Patient Data Breach via Former Vendor Cerner
Description: OSF confirmed that patients' personal and medical information may have been exposed in a breach involving its former electronic health record software vendor, Cerner. An unauthorized third party gained access to legacy Cerner systems, potentially compromising patient data from multiple OSF facilities.
Date Detected: 2023-09
Date Resolved: 2023-11
Type: Data Breach
Attack Vector: Unauthorized third-party access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Legacy Cerner systems.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach OSF22412822
Data Compromised: Patient names, Contact information, Dates of birth, Social security numbers, Driver’s license numbers, State or government identification numbers, Treatment and diagnosis information and codes, Physician names, Dates of service, Hospital units, Prescription information, Medical record numbers, Medicare, Medicaid or other health insurance information
Incident : Data Breach OSF19491222
Data Compromised: Dates of birth, Social security numbers, Driver's license numbers, State or government identification numbers, Codes for diagnoses and treatments, Names of the treating physicians, Dates of their services, Hospital units, Prescription information, Medical records numbers, Medicare, medicaid, or other insurance information, Financial account information, Credit or debit card information, Login credentials for an online financial account
Incident : Data Breach OSFCEROSF1766606283
Data Compromised: Patient names, Social Security numbers, medical record numbers, physicians, diagnoses, medications, test results, images, and details related to care and treatment
Systems Affected: Legacy Cerner systems
Operational Impact: No impact on hospital operations
Identity Theft Risk: High (due to exposure of SSNs and medical records)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Patient Names, Contact Information, Dates Of Birth, Social Security Numbers, Driver’S License Numbers, State Or Government Identification Numbers, Treatment And Diagnosis Information And Codes, Physician Names, Dates Of Service, Hospital Units, Prescription Information, Medical Record Numbers, Medicare, Medicaid Or Other Health Insurance Information, , Personal Information, Medical Information, Financial Information, , Personal Identifiable Information (Pii), Protected Health Information (Phi) and .
Which entities were affected by each incident ?
Incident : Data Breach OSF22412822
Entity Name: OSF Healthcare
Entity Type: Healthcare
Industry: Healthcare
Location: Illinois
Customers Affected: 53907
Incident : Data Breach OSF19491222
Entity Name: OSF HealthCare
Entity Type: Healthcare
Industry: Healthcare
Incident : Data Breach OSFCEROSF1766606283
Entity Name: OSF Saint Clare Medical Center
Entity Type: Hospital
Industry: Healthcare
Location: Princeton
Customers Affected: Patients of OSF Saint Clare Medical Center and other OSF facilities
Incident : Data Breach OSFCEROSF1766606283
Entity Name: Cerner
Entity Type: Electronic Health Record Vendor
Industry: Healthcare IT
Customers Affected: Multiple healthcare facilities
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach OSF22412822
Third Party Assistance: Experian
Remediation Measures: Complimentary credit monitoring and identity protection services
Incident : Data Breach OSFCEROSF1766606283
Incident Response Plan Activated: Yes (by Cerner)
Third Party Assistance: External cybersecurity specialists
Law Enforcement Notified: Yes
Containment Measures: Secured affected systems
Communication Strategy: Delayed patient notification at the request of investigators
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (by Cerner).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Experian, External cybersecurity specialists.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach OSF22412822
Type of Data Compromised: Patient names, Contact information, Dates of birth, Social security numbers, Driver’s license numbers, State or government identification numbers, Treatment and diagnosis information and codes, Physician names, Dates of service, Hospital units, Prescription information, Medical record numbers, Medicare, Medicaid or other health insurance information
Number of Records Exposed: 53907
Sensitivity of Data: High
Incident : Data Breach OSF19491222
Type of Data Compromised: Personal information, Medical information, Financial information
Sensitivity of Data: High
Incident : Data Breach OSFCEROSF1766606283
Type of Data Compromised: Personal identifiable information (pii), Protected health information (phi)
Sensitivity of Data: High
Personally Identifiable Information: Names, Social Security numbers, medical record numbers, diagnoses, medications, test results, images, and treatment details
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Complimentary credit monitoring and identity protection services, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by secured affected systems.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach OSFCEROSF1766606283
Regulations Violated: HIPAA,
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach OSFCEROSF1766606283
Recommendations: Offer complimentary credit monitoring and identity restoration services to affected patients
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Offer complimentary credit monitoring and identity restoration services to affected patients.
References
Where can I find more information about each incident ?
Incident : Data Breach OSFCEROSF1766606283
Source: Shaw Local News Network
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Shaw Local News Network.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach OSFCEROSF1766606283
Investigation Status: Completed (data review finalized in November 2023)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Delayed patient notification at the request of investigators.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach OSFCEROSF1766606283
Customer Advisories: Notification letters sent to affected patients
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Notification letters sent to affected patients.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach OSFCEROSF1766606283
Entry Point: Legacy Cerner systems
Reconnaissance Period: As early as January 2023
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach OSFCEROSF1766606283
Root Causes: Unauthorized third-party access to legacy systems
Corrective Actions: OSF no longer uses Cerner’s services
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Experian, External cybersecurity specialists.
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: OSF no longer uses Cerner’s services.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Xing Team.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-09.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on 2023-11.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were patient names, contact information, dates of birth, Social Security numbers, driver’s license numbers, state or government identification numbers, treatment and diagnosis information and codes, physician names, dates of service, hospital units, prescription information, medical record numbers, Medicare, Medicaid or other health insurance information, , Dates of birth, Social Security numbers, Driver's license numbers, State or government identification numbers, Codes for diagnoses and treatments, Names of the treating physicians, Dates of their services, Hospital units, Prescription information, Medical records numbers, Medicare, Medicaid, or other insurance information, Financial account information, Credit or debit card information, Login credentials for an online financial account, , Patient names, Social Security numbers, medical record numbers, physicians, diagnoses, medications, test results, images and and details related to care and treatment.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Experian, External cybersecurity specialists.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured affected systems.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were driver’s license numbers, Medicaid or other health insurance information, Dates of their services, hospital units, medical record numbers, Names of the treating physicians, Driver's license numbers, Login credentials for an online financial account, Credit or debit card information, Hospital units, Social Security numbers, contact information, Prescription information, State or government identification numbers, dates of service, patient names, state or government identification numbers, Medical records numbers, Medicare, physician names, dates of birth, Financial account information, Medicare, Medicaid, or other insurance information, Patient names, Social Security numbers, medical record numbers, physicians, diagnoses, medications, test results, images, and details related to care and treatment, prescription information, Dates of birth, treatment and diagnosis information and codes and Codes for diagnoses and treatments.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 546.0.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Offer complimentary credit monitoring and identity restoration services to affected patients.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Shaw Local News Network.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Completed (data review finalized in November 2023).
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Notification letters sent to affected patients.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Legacy Cerner systems.
What was the most recent reconnaissance period for an incident ?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was As early as January 2023.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=osf-healthcare' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
