The UC San Diego Health he said this week that he suffered infringement who gave to hackers wide access in data of patients, students and employees. Jacqueline Carr, Executive Director of Communications and Public Relations at UC San Diego Health, confirmed that the breach Phishing attack.
From 2 December 2020 to 8 April 2021, hackers had access to data they contained names, addresses, laboratory results, medical diagnoses and conditions, medical records and other medical identifiers, prescription information, treatment information, medical information, social security numbers, payment card numbers, financial account numbers and security codes, student ID numbers, and usernames and passwords.
The hospital said it found out suspicious activity on March 12th, but it was needed until April 8 for its security team to officially recognize it as "Security issue".
The relevant statement stated that the hackers acquired him check employees' email accounts for weeks before UC San Diego Health discovers the breach, terminates the accounts and contacts FBI. A cybersecurity company is still investigates the incident and the hospital said the review would be completed in September.
In addition, the hospital stated the following: "In addition to using sophisticated tools for data analysis and retrieval, UC San Diego Health conducts a manual review of affected data. It is a time consuming process that involves hundreds of hours of detailed review and analysis. In addition to alerting individuals whose personal information may have been compromised, UC San Diego Health has taken remedial action that includes, among other things, changing employee credentials, disabling access points, and enhancing our security procedures. . »
The Academic Health System of the University of California, San Diego, said it would send alerts to students, staff and patients whose personal details are included in the accounts, until September 30.
The hospital will offer, for one year, free credit monitoring and identity theft protection services through the Experian IdentityWorks.
She it's not the first time that UC San Diego Health had to inform patients of a violation. The 2018, the hospital informed 619 patients that hackers gained access to their data after an attack on Nuance Communications, a third party medical transcription service provider.
Source of information: zdnet.com