HEALTHeLINK and HEALTHeNET take vulnerabilities, especially to this extent, very seriously in our environment. We have not identified any indicators of compromise and continue to monitor extensively. Upon notification of the Log4j vulnerability, the Security team identified all impacted systems and patched all public servers affected by 1pm on Friday 12/10. Additional mitigation and patching were performed for internal servers that utilized the affected version of Log4j. We continue to monitor the situation closely and will perform other mitigation and updates as appropriate.
