UI HomeCare, an affiliate of University of Iowa Health Care, suffered a cyberattack on July 3, where a cybercriminal gained unauthorized access to its computer system. The breach exposed shared files containing sensitive patient data, including names, dates of birth, medical record numbers, healthcare providers, visit types, insurance details, and service dates. Approximately 211,000 individuals were potentially affected. While UI Health Care confirmed its primary electronic health record system remained secure, the incident involved the theft of patient information from UI Community HomeCare’s systems. Though no evidence of misuse was found, patients were advised to monitor financial statements and credit reports for fraud. The investigation remains ongoing, with law enforcement assisting in identifying the perpetrators. The breach highlights vulnerabilities in data-sharing practices between affiliated healthcare entities.
TPRM report: https://www.rankiteo.com/company/uihealthcaredowntown
"id": "uih922090225",
"linkid": "uihealthcaredowntown",
"type": "Cyber Attack",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '211,000',
'industry': 'Home Infusion and Medical Equipment '
'Services',
'location': 'Iowa, USA',
'name': 'University of Iowa HomeCare',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Letter sent to affected patients on August 29, 2024, '
'with guidance on monitoring credit reports and bank '
'statements',
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['Shared files containing patient data'],
'number_of_records_exposed': '211,000',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (medical and personally '
'identifiable information)',
'type_of_data_compromised': ['Personal Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2024-07-03',
'date_publicly_disclosed': '2024-08-29',
'description': "A data breach in University of Iowa HomeCare's computer "
'system compromised general medical information for over '
'200,000 individuals. The cybercriminal gained unauthorized '
'access on July 3, 2024, and exfiltrated data including '
'patient names, dates of birth, medical record numbers, '
'healthcare providers, visit types, insurance information, and '
'service dates. UI Health Care emphasized that its primary '
'electronic health record system was unaffected, but the '
'breach involved shared files between UI HomeCare and UI '
'Health Care. No misuse of data has been detected, but '
'patients were advised to monitor for identity theft or fraud. '
'The investigation remains ongoing, with law enforcement '
'involved in identifying the responsible party.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'breach of 211,000 patient records; '
'public apology issued',
'data_compromised': ['Patient names',
'Dates of birth',
'Medical record numbers',
'Healthcare providers',
'Visit types',
'Medical insurance information',
'Dates of service'],
'identity_theft_risk': 'Patients advised to monitor for identity '
'theft or fraudulent activity',
'systems_affected': ['UI HomeCare computer system']},
'initial_access_broker': {'high_value_targets': ['Patient medical data',
'Shared files between UI '
'HomeCare and UI Health '
'Care']},
'investigation_status': 'Ongoing (as of August 29, 2024)',
'post_incident_analysis': {'corrective_actions': ['Strengthening systems and '
'business processes '
'(planned)',
'Collaboration with law '
'enforcement for '
'attribution']},
'ransomware': {'data_exfiltration': True},
'recommendations': ['Monitor financial and credit reports for suspicious '
'activity',
'Strengthen system security and data-sharing protocols '
'between affiliated entities',
'Enhance incident response capabilities'],
'references': [{'source': 'Press-Citizen'}],
'response': {'communication_strategy': ['Public disclosure (August 29, 2024)',
'Patient notification letters',
'Media statements',
'Advisory to monitor for identity '
'theft'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'remediation_measures': 'Strengthening systems and business '
'processes to prevent future incidents '
'(planned)'},
'stakeholder_advisories': 'Patients advised to remain vigilant for identity '
'theft or fraud; UI Health Care committed to system '
'improvements',
'threat_actor': 'Cybercriminal (unknown individual/group)',
'title': 'UI HomeCare Data Breach Impacting Over 200,000 Patients',
'type': ['Data Breach', 'Unauthorized Access', 'Data Exfiltration']}