UHIN experienced a notice incident on July 2, 2025 affecting Alerts - Delivered via Direct and Batch EDI Processing and 1 more component, lasting 19h 29m. The incident has been resolved; the full update timeline is below.
Affected components
Update timeline
- investigating Jul 02, 2025, 08:07 PM UTC
Through both our internal alerting, as well as customer inquiry, we are aware that Bill Cox's email ([email protected]) account has been compromised through a targeted phishing attack. Malicious emails containing fraudulent DocuSign links have been sent from his address. Please exercise extreme caution and do NOT click on any DocuSign links from Bill Cox's email. We are actively investigating and working to resolve this issue.
- investigating Jul 02, 2025, 10:00 PM UTC
We want to make you aware of a phishing email that you may have received from one of our employee’s email accounts earlier today. The email may have appeared to come from Bill Cox and could include suspicious links or unexpected attachments. If you received such an email, please do not click on any links or open any attachments, and delete the message immediately. We take this matter very seriously and have already taken steps to secure the affected account and investigate the incident. At this time, we have no reason to believe any sensitive data was compromised, but we recommend remaining vigilant and reporting any suspicious activity to our security team or your own security team. If you may have clicked on any links or opened any attachments, please work with your security team immediately. We sincerely apologize for any inconvenience this may have caused and appreciate your understanding as we work to prevent this from happening again. If you have any questions or concerns, please don't hesitate to reach out.
- monitoring Jul 02, 2025, 10:07 PM UTC
A fix has been implemented and we are monitoring the results.
- resolved Jul 03, 2025, 03:37 PM UTC
This incident has been resolved.