UC San Diego Health Hacked, Stolen Information Likely Used for More Crimes
Health care organizations have long been a prime target for cyber criminals.
The latest high-profile health care cyberattack is UC San Diego (UCSD) Health. It has disclosed a data breach involving unauthorized access to employee email accounts.
An undisclosed number of patients, employees and others connected to the facility may have had protected information compromised in the breach. The event didn’t affect patient care, the health system said.
In addition, there’s no evidence that other UCSD Health systems were impacted. The health system said there’s also no evidence of information misuse at this time.
Long List of Potential Stolen Data
Between Dec 2, 2020 and April 8, 2021, the hacker(s) may have been accessed or acquired personal information. That includes full name, address, date of birth, email, fax number, claims information, laboratory results, medical diagnosis and conditions.
In addition, medical record numbers and other medical identifiers, prescription information, treatment information, medical information, Social Security number, government identification number, payment card number or financial account number and security code, student ID number, and username and password may have been accessed or acquired.
“Once the forensic review has concluded, UC San Diego Health will send individual notices to those students, employees and patients whose personal information was contained in the accounts, where current contact information is available,” the health system said, “In addition to notifying individuals whose personal information may have been involved, UC San Diego Health has taken remediation measures which have included, among other steps, changing employee credentials, disabling access points, and enhancing our security processes and procedures. While we have a number of safeguards in place to protect information from unauthorized access, we are also always working to strengthen them so we can stay ahead of this type of threat activity.”
Scroll through our gallery above for reaction from cybersecurity experts.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author
You May Also Like