U of U Health announces phishing schemes caused unauthorized access to some employee email accounts

Top Stories
Cybersecurity Protection

SALT LAKE CITY, Utah (ABC4 News) — University of Utah Health announced today that it began informing patients of phishing schemes that caused unathorized access to some employee email accounts.

The security incidents occurred between January 7 and February 21, 2020. U of U Health became aware of the unauthorized access to some of the email accounts from January 22 through February 27, 2020.

Phishing occurs when an outside party sends an email that appears to be from a trusted source to gain access to confidential information. Upon learning of the incidents, U of U Health secured the affected email accounts and contacted a cyber security firm to investigate, according to Suzanne Winchester, MPA, Associate Director of Public Relations and Marketing.

Those conducting the investigation found that the compromised accounts included some patient information such as names, dates of birth, medical record numbers, and some clinical information related to care.

In addition, on February 3, U of U Health learned that malware may have been placed on an employee’s workstation. They secured the workstation and issued another investigation, which again showed that access to patient information was possible.

U of U Health is continuing to investigate the situation, but has no proof at this time that patient information was misused.

Patients whose information was involved in these incidents will receive letters from U of U Health over the next few weeks advising them to examine health care service statements for any services they did not receive.

Patients can call 1-800-737-4152 on Monday through Friday from 7:00 a.m. to 4:30 p.m. MST with questions regarding the security incidents.

Latest Posts:

Copyright 2021 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

ABC4 PODCASTS

More Podcasts