// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Union Health
Breach Record

Union Health

DISCLOSED 2025-05-20 · UNPATCHED CVE · 263,000 RECORDS EXPOSED

Union Health suffered a data breach affecting 263,000 patients when attackers targeted outdated Cerner servers during a data migration to Oracle. The incident exposed patient data. The attack vector appears to be exploitation of unpatched vulnerabilities on the legacy servers.

The record

What we know

Disclosed
2025-05-20
Attack vector
Unpatched Cve
Sector
Healthcare
Records exposed
263,000
Data classes exposed
patient data
ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

The attack exploited outdated servers during a migration; a positive-security model might have prevented unauthorized changes if the servers were in a known-good state, but details are insufficient to determine if the allowlist would have blocked the specific exploit.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other unpatched cve breaches on file

This page is the permanent ColdRecon entry for the Union Health disclosure. It updates if new public reporting emerges. All tracked breaches →

Union Health just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →