Cyber Incident Victim: Aultman Health Foundation

Date: Feb 2018

Location: United States of America

Summary

Unauthorized individuals gained access to certain email accounts associated with Aultman Health Foundation, potentially compromising personal health and identification information of approximately 42,600 patients affiliated with its occupational medicine division, hospital, and select physician offices. The organization detected the breach and initiated patient notifications, though the specific data accessed remains undisclosed.

Description

Between February and March 2018, unauthorized individuals gained access to certain email accounts belonging to Aultman Health Foundation or its affiliated entities. The breach impacted approximately 42,600 patients associated with AultWorks Occupational Medicine, Aultman Hospital, and several Aultman physician offices. Aultman first became aware of the unauthorized access on March 28, 2018, indicating a potential two-month window between initial compromise and detection. The organization did not publicly disclose the specific method of intrusion or whether multiple email accounts were compromised simultaneously or sequentially during this period. No evidence suggests the attackers accessed systems beyond the email accounts specified in the disclosure.

The compromised email accounts contained personal health information and identification details of patients, though the foundation did not specify exact data elements exposed. Aultman initiated patient notification procedures nearly two months after discovery, issuing a formal news release on May 25, 2018. The breach did not affect all Aultman Health Foundation patients, only those associated with the named occupational medicine division, hospital, and select physician offices. No ransomware deployment, financial system intrusion, or secondary malware installations were reported in connection with the incident. The foundation did not disclose whether law enforcement was engaged or if forensic investigations determined the attackers' identity or motives. Patient notifications occurred through unspecified channels following internal review of the compromised accounts' contents.
