The University of Utah Health disclosed a security breach, the research hospital has discovered unauthorized access to some employee email accounts along with the presence of malware on its systems.
Attackers breached the organization with a phishing attack, the intrusion took place between January 7 and February 21, 2020.
“From January 22 to February 27, 2020, we became aware that there was unauthorized access to some employees’ email accounts. This unauthorized access occurred between January 7 and February 21, 2020. The unauthorized access occurred as a result of phishing schemes sent to the employees’ email accounts.” reads the alert issued by the hospital.
“We quickly secured the email account, began an investigation, and engaged a
The University of Utah Health announced that it has immediately secured the compromised accounts and launched an investigation.
The investigation determined that some patient information was exposed, including names, dates of birth, medical record numbers, and limited clinical information about care received at the hospital.
The investigation additionally revealed that the staff at the hospital discovered on February 3, 2020, that an employee’s workstation had been infected with a common type of malware.
“Additionally, on February 3, 2020, we became aware that a common type of malware may have been placed on an employee’s workstation. We quickly secured that workstation, began an investigation into this incident, and engaged a cybersecurity firm to assist.” continues the alert. “The investigation determined that the malware may have allowed access to some patient information from the employee’s email account, including patient names, dates of birth, medical record numbers, and limited clinical information related to the care U of U Health provided to patients.”
The investigation into the incident is still ongoing, the good news is that the hospital is not aware of any abuse of the exposed information.
The University of Utah Health is notifying the impacted patients via letter, it also established a dedicated call center to provide them support and answer their questions. Patients are recommended to review statements received from their healthcare providers and immediately report discrepancies or services that they did not receive.
“We deeply regret any concern or inconvenience this may cause our patients. We are actively reviewing information protocols, reinforcing information security procedures with our employees and implementing changes where needed to help prevent an incident like this from happening again,” the hospital concludes.
(SecurityAffairs – hacking, University of Utah Health)