The University of Utah Health announced that it discovered two different data breaches that impacted patients’ personal data and medical records. The first University of Utah Health data breach gave hackers access to some employees’ email accounts, while a second one is believed to be linked to malware that was discovered on an employee’s computer.
In regards to the first University of Utah Health data breach, investigators believe phishing emails were the culprit. Phishing emails are nothing new—if someone has an email account, they have probably received one before—but the methods that hackers are using are constantly evolving. In the case of a professional setting, the phishing email could look like it comes from a trusted source, such as a third-party that the company does business with or even someone from within the company itself. These hacking attempts often instruct the recipient to enter their username and password to confirm their identity and re-establish their login.
Malware typically happens when someone installs the software on their computer. Opening a harmful attachment in an email, downloading a suspicious file or clicking on a link that takes someone to a malicious website are just a few of the ways hackers can get consumers to fall into one of their traps. Once the malware is installed, the hacker can deploy it on the computer and use it to steal information.
The health center has begun notifying affected patients of the University of Utah Health data breach, but that process is still ongoing. If someone believes they might have been affected, they can reach out to the Identity Theft Resource Center (ITRC) for assistance and information. They can also take some of the following steps if they believe their information may have been compromised in this or any other data breach:
- Change your passwords on any sensitive accounts immediately.
- Place a freeze on your credit reports with the three major credit reporting agencies.
- Monitor your insurance statements carefully for the coming months to make sure no one has used your identity to seek medical treatment or prescriptions.
Victims can reach the ITRC toll-free at 888.400.5530. They can also live chat with an expert advisor that will help them create a customized plan that is tailored to their needs.
You might also like…