We take patient privacy and the protection of patient data very seriously, and we are writing to inform you about a recent incident at Oracle Health, formerly Cerner Corporation, that may have involved information about you.
Oracle Health, is a third-party provider of health information technology solutions, including laboratory service systems, previously used at CHRISTUS Health locations.
In October 2025, Oracle Health informed us that an unauthorized third party gained access to legacy Cerner systems as early as January 22, 2025, and obtained certain data. CHRISTUS Health is one of many health care providers whose information was affected by this Oracle Health incident. Once Oracle Health identified this issue, they began an investigation, engaged external cybersecurity specialists, and federal law enforcement. Federal investigators asked Oracle Health (and all affected organizations) to delay notifying individuals while they completed critical steps to understand the incident.
This incident has not impacted or disrupted CHRISTUS Health’s current IT systems or the safe and reliable operation of our clinical services. If your personal information was involved in this incident, you’ll receive a letter in the mail with more details.
On December 9, 2025, Oracle Health provided CHRISTUS Health with a list of patients whose information may have been involved in its incident. The type of information varies by individual, but may include names, Social Security numbers, and information included within laboratory records, such as laboratory orders, blood bank records, medical record numbers, doctors, diagnoses, medicines, and test results. The information does not include present-day laboratory records, as the data involved was all prior to February 2025.
Letters are being mailed to patients whose information was involved in this incident, including an offer of a complimentary two-year membership to credit monitoring and identity protection services.
We also encourage patients to review statements they receive from their healthcare providers and health insurer and immediately report any inaccuracies to the provider or insurer.
If you have any questions about the event or would like assistance, please contact 833-918-1131 (toll free), Monday through Friday from 8am – 8pm Central Time (excluding major U.S. holidays). Please have your engagement number (from the letter you received) available when you call.
We sincerely apologize for any concern or disruption that this Oracle Health incident may cause. CHRISTUS Health remains committed to safeguarding your information and continues to review and strengthen the cybersecurity protections of all third-party partners we rely on to support your care.
