The Texas Tech University Health Sciences Center (TTUHSC) and Texas Tech University Health Sciences Center El Paso (TTUHSC El Paso), collectively known as the HSCs, have disclosed a significant cybersecurity breach impacting sensitive data.
The breach, which occurred between September 17 and September 29, 2024, allowed unauthorized access to and possible removal of certain folders and files containing personal and medical information.
The incident came to light in September 2024 when the HSCs noticed disruptions to their systems and applications.
Immediate steps were taken to secure the network, and an in-depth investigation revealed that a cyberattack was responsible for the disruption.
2024 MITRE ATT&CK Evaluation Results Released for SMEs & MSPs -> Download Free Guide
The compromised data includes personal identifiers such as names, addresses, Social Security numbers, driver’s license numbers, financial details, medical records, health insurance information, and patient diagnoses and treatment histories.
To mitigate the risks, the HSCs are proactively notifying affected individuals and offering complimentary credit monitoring services.
A dedicated assistance line, 1-866-902-1996, is also available for further inquiries. The helpline operates Monday through Friday, 8 a.m. to 8 p.m. Central Time, excluding major U.S. holidays.
In response to the breach, the HSCs are re-evaluating their security protocols, implementing enhanced monitoring, and introducing additional safeguards to prevent future incidents.
Affected individuals are advised to stay vigilant by reviewing account statements, monitoring credit reports, and checking health insurance and billing documents for unusual activities.
Under U.S. law, individuals are entitled to a free annual credit report from the three major credit bureaus: Equifax, Experian, and TransUnion.
The HSCs have also highlighted the option to place fraud alerts or credit freezes on credit files to prevent unauthorized activity. While both measures provide protection, they may also slightly inconvenience financial processes, such as loan approvals.
This breach underscores the increasing vulnerabilities of health organizations to cyberattacks, bringing attention to the importance of robust cybersecurity measures to protect sensitive data.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow…
A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers…
Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack…
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has…
A security vulnerability in Nagios XI 2024R1.2.2, tracked as CVE-2024-54961, has been disclosed, allowing unauthenticated…
Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities…