A Letter to Our Patients

To Our Patients,

At Aspen Valley Health, your trust and safety are at the heart of everything we do. We’re writing to share an important update regarding our former public website.

On the morning of Monday, April 6, we learned the site—previously hosted by a third-party developer—experienced an issue that, in limited cases, redirected visitors to illegitimate prompts (such as, “Are you a bot?”). Out of an abundance of caution, we immediately took the site offline at 11:30 am. After some investigation, the website was put back online at 4 pm, then taken down permanently at 11 am the next day, on Tuesday, April 7, when issues persisted.

Simply clicking on “Are you a bot?” did not infect a computer. That step only copied a script to the user’s clipboard. A message then appeared asking users to paste and run a command in the Windows Run Dialog box as a “Quick Fix.” Running that command is what could have caused harm.

Since then, our teams have built and launched a brand-new website, fully transitioning away from our previous hosting environment. We’re pleased to assure you the issue has been fully resolved, and our new website is safe, secure and functioning normally. Just as important, there was no impact to our internal systems, and no information, including protected health information (PHI), was compromised at all.

We understand that situations like this can be unsettling, and we apologize for any confusion or inconvenience this may have caused. If you have questions about this event, please email compliance@aspenvalleyhealth.org. We at Aspen Valley Health remain diligent and proactive in safeguarding our systems as cyber risks continue to evolve.

Thank you for the confidence you place in us and for being part of the Aspen Valley Health community. We are proud to care for you and remain committed to earning your trust every day.

Warm regards,

Aspen Valley Health