Utah Imaging Associates (UIA) discloses a security breach, on September 4, 2021 the company claims to have detected and blocked a cyber attack. The healthcare provider promptly secured its infrastructure with the help of a specialized third-party cybersecurity firm. Utah Imaging Associates also notified the U.S. Department of Health and Human Services.
The healthcare provider also conducted an investigation to determine the scope of the intrusion. Threat actors gained access to some UIA files containing sensitive data of 583,643 individuals, the initial infiltration took place on August 29, 2021.
On November 18, 2021, UIA started notifying the impacted individuals via first-class mail the detailing the remediation actions the company is taking in response to the incident.
According to the HIPAA Journal, compromised files included first and last names, mailing addresses, dates of birth, Social Security numbers, health insurance policy numbers, and medical information such as treatment, diagnosis, and prescription information. The information exposed in the security breach varied from patient to patient.
Below are the recommendations included in the notice of Data Security Incident published by the company:
(SecurityAffairs – hacking, Utah Imaging Associates)