Aultman Health System notified its patients of the data breach in December 2025. However, the breach occurred some 11 months earlier. The organization said the delay was due to an ongoing investigation. The lawsuit against Aultman is seeking class action status.

The cyberattack was not discovered until October 2025, and a headcount of the victims is still being conducted. In the meantime, a patient of Sacramento-based One Community Health argues in a lawsuit that the nonprofit health system failed to secure his data, as required by law. The complaint is seeking class action status. 

The cyberattack on Central Maine Healthcare happened in summer 2025, but the investigation was complicated by the hackers having access to systems for several months. A class action lawsuit is pending in state court. 

During the breach, certain files within the group's network were accessed and copied without permission. 

In total, 22 facilities will benefit from the money, provided by the Statewide Health Care Facility Transformation Program. Projects include cybersecurity upgrades and telehealth implementation, in addition to EHR upgrades.

The January 2024 incident at Group Health Cooperative of South Central Wisconsin had all of the hallmarks of a ransomware attack, with an unknown cybercrime group taking credit in a letter to the payer. In total, 533,000 people were impacted by the data breach.

Researchers from University of Minnesota found that more than 300 small, rural hospitals didn't even apply for relief. At the same time, many larger, for-profit systems received hundreds of thousands in overpayments. The findings are published in Health Affairs.

The proposal, first announced by the Biden administration, was developed to improve patient data security. Those opposed argue that it would significantly increase costs and create a logistical nightmare for hospitals and health systems throughout the country.