UC San Diego Health Suffers Data Breach

Aug. 3, 2021
UC San Diego Health reports that hackers accessed personal data including claims information, lab results, Social Security numbers, and payment card numbers

Leaders at UC San Diego Health released a notice on July 27 that they “recently experienced a security event involving unauthorized access to some employee email accounts.”

According to ZDNet, “From December 2, 2020 to April 8, 2021, hackers had access to data including names, addresses, claims information, laboratory results, medical diagnosis and conditions, Medical Record Numbers and other medical identifiers, prescription information, treatment information, medical information, Social Security numbers, government identification numbers, payment card numbers or financial account numbers and security codes, student ID numbers, and usernames and passwords.”

ZDNet also reported that “In an FAQ attached to the notice, the hospital said it discovered suspicious activity on March 12 but it took until April 8 for its security team to officially identify it as ‘a security matter.’”

Further, “The statement said the hackers gained control of employee email accounts for weeks before UC San Diego Health discovered the breach, terminated the accounts, and contacted the FBI. A cybersecurity company is still investigating the incident and UC San Diego Health said the review will finish in September.”

An article from The San Diego Union Tribune notes that “The attack comes not long after the University of California notified thousands that many of its campuses were infiltrated through outdated file transfer software made by Accellion Inc. That breach, however, did not affect UC San Diego Health and did not involve medical information.”

That said, “For Accellion, and now for the new health system breach, the university is offering free credit monitoring and identity theft protection for those who have been affected. Scripps Health, San Diego’s second-largest health system, found itself taking similar steps in late May after notifying the public that a month-long ransomware attack potentially compromised the protected information of more than 147,000 people.”

The notice from UC San Diego Health suggests that “It is always a good idea to remain alert to threats of identity theft or fraud. You can do this by regularly reviewing and monitoring your financial statements, credit reports, and Explanations of Benefits (EOBs) from your health insurers for any unauthorized activity. If you ever suspect that you are the victim of identity theft or fraud, you should contact the company that maintains the account on your behalf or your local police.”

Sponsored Recommendations

Addressing Revenue Leakage in Hospitals

Learn how ReadySet Surgical helps hospitals stop the loss of earned money because of billing inefficiencies, processing and coding of surgical instruments. And helps reduce surgical...

Care Access Made Easy: A Guide to Digital Self Service

Embracing digital transformation in healthcare is crucial, and there is no one-size-fits-all strategy. Consider adopting a crawl, walk, run approach to digital projects, enabling...

Powering a Digital Front Door with a Comprehensive Provider Directory

Learn how Geisinger improved provider data accuracy, SEO, and patient acquisition with a comprehensive provider directory.

Data-driven, physician-focused approach to CDI improvement

Organizational profile Sisters of Charity of Leavenworth (SCL) Health* has been providing care since it originated in the 1600s in France as the Daughters of Charity. These religious...