DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

University of Utah notifying patients after phishing attack

Posted on July 25, 2020 by Dissent

Did University of Utah Health really have three phishing incidents this year?

Maybe not.

I was confused when I saw a new listing on HHS’s public breach tool this week. The incident, reported to HHS on July 20, reportedly affected 10,000 patients and involved PHI located in email. As such, it seemed to match an incident that had been reported in early June, but the numbers were different. Becker’s Health Review also seemed uncertain, and changed their earlier headline declaring that U. of Utah Health had had a third data breach to a headline that focused on the number of patients impacted.

DataBreaches.net contacted U. Utah Health to confirm whether there were two phishing incidents this year or three. Kathy Wilets, Director of Public Relations helpfully responded:

This is the third phishing incident we have reported to HHS this year. While all are phishing related, available information makes it difficult to say that they are part of a single coordinated campaign so we are treating them as separate incidents. Access to patient data was limited and we have not encountered any indication that data has been misused in any manner. The reported numbers are estimates and the actual number of affected patients may be lower following the completion of our investigation.

So it sounds like it is not clear to them whether this is all one threat actor or group or not. Either way, they recognized it as a serious problem and took steps to prevent a recurrence. Ms. Wilets also noted that after the June press release, was issued, they implemented dual authentication across their email system to enhance safety.

We’re also in the process of contacting patients by mail, Ms. Wilets explained.

Category: Health DataPhishingU.S.

Post navigation

← Hiscox Hack Suit Advances as Warden Grier Loses Dismissal Bid
White House Tells EPIC to Delete COVID-19 Records, EPIC Declines →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.