DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

University of Texas Arlington server containing medical records and SSN hacked

Posted on July 24, 2010 by Dissent

From UTA’s web site:

The University of Texas at Arlington recently learned that one of its file servers had been compromised, which potentially exposed the prescription records of approximately 27,000 individuals to an unauthorized source.

Federal and state authorities have been notified, including the U.S. Department of Health and Human Services, the Texas Department of Information Resources, The University of Texas System, and law enforcement officials.

There is no evidence to suggest that the compromised information is being used in an unauthorized manner as a result of this incident.

On June 21, 2010, the UT Arlington Office of Information Technology detected that data on a file server that contained Student Health Center prescription records had been compromised on four occasions: February 19, 2009; April 28, 2009; January 23, 2010; and February 10, 2010. The records dated from 2000 to June 21, 2010, and involved individuals who received a prescription or filled a prescription at the Student Health Center.

The file server in question was immediately taken offline and secured. The compromise was determined to be limited to that single file server. No other servers at the University were affected.

An extensive internal review of the matter has revealed that prescription records for approximately 27,000 individuals — including students, faculty, and staff — were potentially exposed to an outside source. In addition, records for 2,048 of the 27,000 affected individuals included Social Security numbers.

The information that may have been exposed also included names, addresses, prescription names, amount spent, and diagnostic codes. The data stored in the records did not contain credit card information or any other medical records.

To assist those who may be affected, UT Arlington has implemented the following measures:

* The University has established a Data Information Call Center to help answer questions about this incident. The telephone number is 800-913-3055. The call center is open seven days a week, 8 a.m. to 11 p.m., Central Standard Time (CST).
* Although it is possible that approximately 27,000 individuals may have had their data exposed, the University has mailed letters to all 21,554 individuals whose information was potentially exposed and for whom it had sufficient contact information. Since it is not possible to send notification letters to the remainder of those individuals for whom contact information was incomplete or unavailable, the University is using alternate methods to notify them.
* The University has mailed letters to the 2,048 individuals whose Social Security numbers may have been exposed and is offering them free credit monitoring for up to one year.
* Anyone who received a prescription or filled a prescription at the Student Health Center between 2000 and June 21, 2010 — and who does not receive a notification letter from UT Arlington by July 28, 2010 — may call the Data Information Call Center at 800-913-3055 for further information.

Hat-tip, Dallas Business Journal

Cross-posted from PHIprivacy.net


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
Category: Breach IncidentsEducation SectorHackHealth DataOf NoteU.S.

Post navigation

← FL: Major Fraud Case Broken in Wakulla County
(follow-up) NZ: Celebrities hit in Hell Pizza hack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.