UC San Diego Health Discloses Data Breach After Phishing Attack

UC San Diego Health, the academic health system of the University of California, has recently disclosed a data breach following the compromise of some employees’ email accounts. UC San Diego Health is one of the nation’s best hospitals, having been repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.

This health system is operated by UC San Diego Medical Center, Jacobs Medical Center, and Sulpizio Cardiovascular Center under one license, with a total capacity of 808 beds. When asked for more details regarding the data breach, UC San Diego Health’s Executive Director of Communications and Media Relations Jacqueline Carr told our experts that the breach was the result of a prior phishing attack.

What Sensitive Patient Details Were Exposed?

UC San Diego Health discovered unauthorized access to some of its employees’ email accounts on April 8, after being initially warned of malicious activity on March 21. After discovering the breach, UC San Diego Health terminated the unauthorized access to the compromised accounts and reported the event to law enforcement and the FBI.

The threat actors may have accessed or collected the personal data of patients, employees, and students between December 2, 2020, and April 8, 2021, after compromising the email accounts in a phishing attack. Although the attacker had access to the email accounts for more than four months, ongoing investigations by its security teams and external cybersecurity experts have not found any evidence that this information has been misused since the attack.

The personal data accessed during the incident may include: full name, date of birth, address, fax, email, claims information (date and cost of health care services and claims identifiers), laboratory results, medical diagnosis and conditions, Medical Record Number and other medical identifiers, Social Security number, government identification number and security code, student ID number, and username and credentials.

There is no “evidence that other UC San Diego Health systems were affected, nor do we have any evidence at present time that the data has been misused,” the academic health system explained. “In addition to notifying individuals whose personal data may have been involved, UC San Diego Health has taken remediation measures which have consisted of, among other steps, changing employee passwords, disabling access points, and enhancing the security processes and procedures.”

Potentially Affected Individuals Alerted to Identity Theft Risks

UC San Diego Health also alerted community members and potentially affected individuals to stay alert to the possibility of theft or unauthorized activity. “One can do this by constantly reviewing and monitoring your financial statements, credit reports, and Explanations of Benefits (EOBs) from your health insurers for any unauthorized activity,” UC San Diego Health added.

UC San Diego Health also advises rotating credentials and enabling multifactor authentication (MFA) for personal online accounts whenever possible. After the current investigation ends (likely around September 30), UC San Diego Health will send individual breach notification letters to students, employees, and patients affected by the data breach.

In June 2018, UC San Diego Health also informed 619 patients that they might have been impacted by an external data breach involving Nuance Communications, a third-party medical transcription provider. That incident came after Nuance’s medical transcription platforms were breached between November 20, 2017, and December 9, 2017.
