Home » Breaking Computer security Cyber Security data security Latest Cybersecurity News

UC San Diego Health data breach and the investigation in place

John Greenwood Posted On July 28, 2021
0


UC San Diego Health data breach

The academic health system of the University of California, the UC San Diego Health has disclosed a data breach when their employees email accounts were compromised. It is one of the best hospitals in the country, with UC San Diego Medical Center, Sulpizio Cardiovascular Center, Jacobs Medical Center all under the same healthcare license with a capacity for 808 beds in total.

As per the statement made by Jacqueline Carr, Executive Director of Communications and Media Relations the data breach has happened via a phishing attack.

More details on the UC San Diego Health data breach

After discovering compromised email accounts on April 8th, with a suspicious activity on March 12th, US San Diego Health have reported the event to law enforcement and the FBI. With proper investigation it seems the attackers might have accessed the personal data of patients and employees from Dec 02, 2021 to April April 08, 2021 via a phishing campaign.

Thought the access was there, until now the threat actors haven’t utilized the stolen information for further breaches, personal data that was accessed includes, Name, Address, Date of Birth, Email, Fax Number, Claims information, Patient Conditions, Medical Diagnosis, Lab results, Social Security Number, Government Identification Number, Payment Card Number and Financial Account Number, Security Code, Account Credentials and Student ID number.

At this time, we are aware that these email accounts contained personal information associated with a subset of our patient, student, and employee community. We estimate this review will be complete in September.  – UC San Diego Health

How is UC San Diego Health preparing to handle the situation?

The hospital has warned its community members to be cautious of potential identity theft and fraudulent activities due to the compromised personal data. It has mentioned the following in its FAQ page,

 You can do this by regularly reviewing and monitoring your financial statements, credit reports, and Explanations of Benefits (EOBs) from your health insurers for any unauthorized activity  – UC San Diego Health

The hospital is also enforcing MFA for personal profiles as and when applicable. After the investigation gets completed in September 2021, the hospital will notify the individuals about the data breach and do the necessary procedure to keep the stakeholders updated about the latest count of accounts compromised. It has also updated 610 patients regarding the data breach that occurred in 2018, due to Nuance communication.

Share the article with your friends




Author

John Greenwood

He has been working with Cybersec and Infosec market for 12+ years now. Passionate about AI, Cybersecurity, Info security, Blockchain and Machine Learning. When he is not occupied with cybersecurity, he likes to go on bike rides!

Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.