UC San Diego Health announced a data breach involving unauthorised access to employee email accounts impacting patients, students and staff members.
- UC San Diego Health published a notice announcing that employee email accounts had been hacked.
- The hacking incident occurred between April 2, 2020, and April 8, 2021.
- According to the statement, they terminated the unauthorised access to these accounts and enhanced the security controls.
UC San Diego Health announced a data breach involving unauthorised access to employee email accounts impacting patients, students and staff members.
According to the US News & World Report survey 2021-2022, UC San Diego Health ranks as the best health care system in San Diego.
On April 8, UC San Diego Health uncovered unauthorised access to some of its employee’s email accounts after being cautioned of suspicious activity on March 12.
The hackers may have accessed or attained the personal data of patients, students and employees between December 2, 2020, and April 8, 2021, after reaching the email accounts in a phishing attack.
The personal information accessed during the incident could potentially include: full name, address, date of birth, email, fax number, claims information laboratory results, medical diagnosis and conditions, Medical Record Number and other medical identifiers, prescription information, treatment information, medical data, Social Security number, government identification number, payment card number or financial account number and security code, student ID number, username and password.
There is no "no evidence that other UC San Diego Health systems were impacted, nor do we have any evidence at this time that the information has been misused," reported the academic health system.
“In addition to notifying individuals whose personal information may have been involved, UC San Diego Health has taken remediation measures which have included, among other steps, changing employee credentials, disabling access points, and enhancing our security processes and procedures."
UC San Diego Health warned community members and potentially affected individuals to watch out for identity theft or fraud attempts.
Individuals affected by the data breach should monitor their financial statements, credit reports and explanation of benefits from health insurers for unauthorised activity.
A breach notification letters will be sent to students, employees, and patients affected by the data breach after the ongoing investigation ends (mostly around September 30).
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?