DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

University of Texas Arlington server containing medical records and SSN hacked

Posted on July 24, 2010 by Dissent

From UTA’s web site:

The University of Texas at Arlington recently learned that one of its file servers had been compromised, which potentially exposed the prescription records of approximately 27,000 individuals to an unauthorized source.

Federal and state authorities have been notified, including the U.S. Department of Health and Human Services, the Texas Department of Information Resources, The University of Texas System, and law enforcement officials.

There is no evidence to suggest that the compromised information is being used in an unauthorized manner as a result of this incident.

On June 21, 2010, the UT Arlington Office of Information Technology detected that data on a file server that contained Student Health Center prescription records had been compromised on four occasions: February 19, 2009; April 28, 2009; January 23, 2010; and February 10, 2010. The records dated from 2000 to June 21, 2010, and involved individuals who received a prescription or filled a prescription at the Student Health Center.

The file server in question was immediately taken offline and secured. The compromise was determined to be limited to that single file server. No other servers at the University were affected.

An extensive internal review of the matter has revealed that prescription records for approximately 27,000 individuals — including students, faculty, and staff — were potentially exposed to an outside source. In addition, records for 2,048 of the 27,000 affected individuals included Social Security numbers.

The information that may have been exposed also included names, addresses, prescription names, amount spent, and diagnostic codes. The data stored in the records did not contain credit card information or any other medical records.

To assist those who may be affected, UT Arlington has implemented the following measures:

* The University has established a Data Information Call Center to help answer questions about this incident. The telephone number is 800-913-3055. The call center is open seven days a week, 8 a.m. to 11 p.m., Central Standard Time (CST).
* Although it is possible that approximately 27,000 individuals may have had their data exposed, the University has mailed letters to all 21,554 individuals whose information was potentially exposed and for whom it had sufficient contact information. Since it is not possible to send notification letters to the remainder of those individuals for whom contact information was incomplete or unavailable, the University is using alternate methods to notify them.
* The University has mailed letters to the 2,048 individuals whose Social Security numbers may have been exposed and is offering them free credit monitoring for up to one year.
* Anyone who received a prescription or filled a prescription at the Student Health Center between 2000 and June 21, 2010 — and who does not receive a notification letter from UT Arlington by July 28, 2010 — may call the Data Information Call Center at 800-913-3055 for further information.

Hat-tip, Dallas Business Journal

Category: Health Data

Post navigation

← (follow-up) Former Broward teacher gets house arrest for stealing students’ identities
FL: More credit card skimmers found at Gainesville gas pumps →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.