UConn Health notifies up to 326,000 patients of data breach

Farmington-based University of Connecticut Health sent letters to up to 326,000 patients notifying them of a recent data security incident.

A third party illegally gain access to several employee email accounts. As many as 326,000 patients were potentially affected by the attack, according to local news station WFSB.

UConn Health discovered the email accounts were attacked on Dec. 24, 2018. The email accounts contained names, dates of birth, addresses and limited medical information, such as billing and appointment information. Of the patients affected, 1,500 also have their Social Security number at risk.

The security incident had no impact on computer networks or EHRs. The health system is unaware of any fraud or identity theft as a result of the data breach. However, UConn Health is offering identity theft protection to patients whose Social Security numbers may have been affected.

UConn Health has notified local law enforcement and contacted a forensic security firm to investigate the incident and conduct a comprehensive search for any personal information in the affected email accounts.

"We take our responsibility to safeguard personal information seriously and apologize for any inconvenience or concern this incident might have," the notice stated. "We have taken and will continue to take steps to health prevent something like this from happening again, including evaluating additional platforms and educating staff and reviewing technical controls."

More articles on cybersecurity: 
'Data error' exposes 974,000 patient records at UW Medicine
Cloud security provider extends services to Google Cloud customers
Patient medical records sell for $1K on dark web

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months