UC San Diego Hacked, Patient and Employee Records Compromised

Posted on July 30, 2021 at 2:29 PM

UC San Diego Hacked, Patient and Employee Records Compromised

UC San Diego Health has stated that the hospital has become a victim of a data breach. According to the firm, threat actors gained access to the email accounts of some employees, but patient care was not affected.

The hospital also stated that once the breach was discovered, it halted access to the employee email accounts and enforced tighter security measures. The hospital stated that the breach was first identified on March 12, but it was not until April 8 that the hospital’s security team officially termed it a “security matter.” The hospital reported the matter to the FBI and liaised with a cybersecurity firm to investigate the matter.

“UC San Diego Health reported the event to the FBI and is working with external cybersecurity experts to investigate the event and determine what happened, what data was impacted, and to whom the data belonged, a notice by the hospital read.

Which Information was compromised?

UC San Diego Health stated that an investigation into the matter was ongoing. The only information that the firm was certain was compromised includes personal details related to patients, students and employees. A full analysis of the compromised records would be available in September.

The hospital also stated that the data breach happened between December 2020 and April 2021. Cost of health care, lab results, medical diagnosis, medical records, prescriptions, treatment information, social security number, username and passwords were among the details that were accessed by the hackers.

UC San Diego Health also added that once the full forensic review of the breach was done, the firm would send the review to students, employees and patients who were affected by the breach. Only the parties whose contact details are still with the hospital will receive the review by September 30, 2021.

As a show of good faith to parties whose data was affected, UC San Diego stated that the firm would give one year of free credit monitoring and protection against identity theft using Experian Identity Works.

To prevent a similar attack from happening, the hospital also stated that it had taken proactive measures such as changing employee details and boosting security measures to protect the data of employees, patients and other stakeholders.

Offering Support to Affected Parties

UC San Diego Health also stated that it would be creating a call centre dedicated to providing answers to all queries regarding the incident. The call centre will be available at the same time that the reviews will be sent out to the affected parties.

The affected parties can place calls through the number 1-855-767-1160, which will be open between 6.00 a.m. to 5.00 p.m. from Monday to Friday and between 8.00 a.m. and 5.00 p.m. on Saturday and Sunday. Queries can also be sent through the hospital’s email, iscommunication@health.ucsd.edu.

A dedicated Experian representative on behalf of UC San Diego Health will be available to assist community members,” UC San Diego Health stated.

When providing the details of the data breach, the hospital also provided tips that would help the relevant stakeholders to beware of future attacks.

According to the statement provided by UC San Diego Health, the firm denied that the data breach was affiliated with Accellion file transfer appliance vulnerability. The vulnerability led to several cyberattacks.

However, UC San Diego has also been a victim of similar breaches in the past. In 2018, the hospital informed 619 patients that their data was compromised. This happened after a Nuance Communications attack, a third party transcription provider for medical records. However, the hospital has been prompt to inform patients of these breaches.

Two months back, Scripps Health was also victim to a similar data breach in May. However, the attack on Scripps Health involved ransomware and was targeted to the hospital’s technology systems. In the attack, personal information belonging to more than 147,000 patients, employees and students was compromised. If the trend continues, more health facilities could become victims.

Summary
UC San Diego Hacked, Patient and Employee Records Compromised
Article Name
UC San Diego Hacked, Patient and Employee Records Compromised
Description
UC San Diego Health has stated that the hospital has become a victim of a data breach. According to the firm, threat actors gained access to email accounts of some employees, but patient care was not affected.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 22, 2023
High-Severity WinRAR Flaw Allows Hackers To Assume Control Over PCs
Koddos

Newsletter

Get the latest stories straight
into your inbox!

Popular Articles

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Aug 28, 2023
1.2 million customers of Mom’s Meals were affected after the recent data breach
Aug 28, 2023
How VPNs Can Defend Against the Threat of Hacking
Aug 23, 2023
Terra Developers Shut Down Website Amid A Phishing Campaign

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading