DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UConn Health Center reports insider breach (updated)

Posted on December 11, 2013 by Dissent

Associated Press reports that the University of Connecticut has disclosed an insider breach. According to their report, an employee at the UConn Health Center inappropriately accessed personal information in the medical records of 164 patients. The school reportedly became aware of the privacy breach on Nov. 4, and has sent letters to all the affected patients.

Spokesperson Carolyn Pennington said the university had no evidence that the information had been “misused or misappropriated.” AP also reports:

The employee involved has been placed on administrative leave, Pennington said. There is no criminal investigation.

The health center has agreed to make a third-party credit monitoring service and identity theft insurance available to the patients at the university’s expense, she said.

As AP points out, this is the second such breach at the facility in the last year. Coverage of the previous breach can be found here.

Read more on NECN.

The university did not respond to an email inquiry sent earlier today asking whether this incident appeared to be (just) “snooping” – and if so, why those 164 patients, or if it appeared to be related to the federal investigation of UConn’s handling of sexual assault cases, or if it might be for tax refund fraud. Since subsequent reporting indicated no criminal investigation, I’d guess they’ve ruled out tax refund fraud or card fraud as a motive – at least for now. (SEE UPDATE, BELOW)

But what does it say that they’ve had two such insider breaches this year? Their statements for the two breaches do not indicate how they learned of the breaches. Did UConn Health detect the breaches themselves or did they have to be alerted to them by a patient or…?  I would think that’s an important issue for them to be looking at.

UPDATE: UConn Health spokesperson Chris DeFrancesco informs PHIprivacy.net that the matter is still under investigation and no conclusions have been reached. The employee remains on administrative leave. Spokesperson Carolyn Pennington adds that the sexual assault allegations came from the Storrs campus. UConn Health is in Farmington, where the medical and dental schools and biomedical PhD graduates are located, along with John Dempsey Hospital. Great thanks to UConn Health for providing that clarification.


Related:

  • North Country Healthcare responds to Stormous's claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies
  • DOGE Denizen Marko Elez Leaked API Key for xAI
  • Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
Category: Uncategorized

Post navigation

← NY: Restaurant employee sentenced for skimming customers’ card numbers
CA: Cottage Health System Notifies Patients of Data Security Incident (update) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • North Country Healthcare responds to Stormous’s claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies
  • DOGE Denizen Marko Elez Leaked API Key for xAI
  • Four people bailed after arrests over cyber attacks on M&S, Co-op and Harrods
  • RansomedVC is back — and is still attacking its competitors
  • Texas Enacts Electronic Health Record Data Localization Law
  • United Australia Party confirms ransomware attack, personal data and email correspondence exposed
  • Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy
  • 70% of healthcare cyberattacks result in delayed patient care, report finds

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Texas Enacts Electronic Health Record Data Localization Law
  • Upstate NY county clerk again refuses to enforce Texas abortion judgment
  • Attorney General James Leads Coalition Urging Congress to Protect Americans from Masked ICE Agents
  • Attorney General Tong Announces $85,000 Settlement with TicketNetwork for Violations of the Connecticut Data Privacy Act​
  • Fourth Circuit upholds West Virginia ban on abortion pills
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • The EU’s Plan To Ban Private Messaging Could Have a Global Impact (Plus: What To Do About It)

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.