A cybercriminal gained unauthorized access to UI Community HomeCare’s computer systems on **July 3, 2025**, compromising files containing **patient information for over 211,000 individuals**, including shared data from University of Iowa Health Care (UIHC). The exposed data included **names, dates of birth, medical record numbers, provider details, visit types, insurance information, and service dates**. While UIHC’s core systems remained unaffected, the breach involved sensitive patient records from an affiliate provider serving Iowa, western Illinois, and northern Missouri. UI Community HomeCare responded by shutting down servers, engaging cybersecurity experts, and restoring systems within a day. Notification letters were sent to all affected individuals, though no evidence of misuse was reported. The incident highlights vulnerabilities in third-party data-sharing practices and underscores risks to patient privacy in healthcare ecosystems.
TPRM report: https://www.rankiteo.com/company/university-of-iowa-health-care
"id": "uni857090225",
"linkid": "university-of-iowa-health-care",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '211,000',
'industry': 'Healthcare',
'location': ['Iowa',
'Western Illinois',
'Northern Missouri'],
'name': 'UI Community HomeCare',
'type': 'Healthcare Provider (Home Infusion & Medical '
'Equipment Services)'},
{'customers_affected': 'Subset of 211,000 (shared '
'patient data)',
'industry': 'Healthcare',
'location': 'Iowa, USA',
'name': 'University of Iowa Health Care (UIHC)',
'type': 'Academic Medical Center'}],
'customer_advisories': ['Monitor personal accounts for identity theft',
'Review credit reports for suspicious activity',
'Contact helpline (833-745-0871) for assistance'],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '211,000',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (Personal and Medical '
'Information)',
'type_of_data_compromised': ['Name',
'Date of Birth',
'Medical Record Number',
'Provider Information',
'Type of Visit',
'Insurance Information',
'Date of Service']},
'date_detected': '2025-07-03',
'date_resolved': '2025-07-04',
'description': 'A data breach at UI Community HomeCare, an affiliate of '
'University of Iowa Health Care (UIHC), resulted in '
'unauthorized access to patient information of over 200,000 '
'individuals. The breach was detected on July 3, 2025, '
'prompting an immediate shutdown of servers and engagement of '
'a cybersecurity team. Investigation confirmed that a '
'cybercriminal accessed and copied files containing patient '
'data, including names, dates of birth, medical record '
'numbers, provider details, visit types, insurance '
'information, and service dates. UIHC’s systems were '
'unaffected, but shared data files were compromised. '
'Notification letters were mailed to ~211,000 affected '
'individuals, and support resources were provided to mitigate '
'identity theft risks.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'breach of patient trust; proactive '
'communication to mitigate impact',
'data_compromised': True,
'downtime': '1 business day',
'identity_theft_risk': 'High (patient data exposed; monitoring '
'advised)',
'operational_impact': 'Temporary shutdown of servers; '
'cybersecurity investigation',
'systems_affected': ['UI Community HomeCare servers']},
'initial_access_broker': {'high_value_targets': ['Patient data files']},
'investigation_status': 'Completed (as of notification date)',
'lessons_learned': 'Need to strengthen affiliate systems and business '
'processes to prevent future breaches, especially '
'regarding shared data files.',
'post_incident_analysis': {'corrective_actions': ['Strengthen affiliate '
'cybersecurity systems',
'Improve data-sharing '
'protocols',
'Enhance monitoring for '
'unauthorized access'],
'root_causes': ['Unauthorized access to affiliate '
'systems',
'Shared data files between UIHC '
'and UI Community HomeCare']},
'ransomware': {'data_exfiltration': True},
'recommendations': ['Enhance cybersecurity measures for affiliate partners',
'Implement stricter access controls for shared data',
'Regular audits of third-party security protocols',
'Proactive patient communication and support in breach '
'scenarios'],
'references': [{'source': 'UIHC Press Release', 'url': 'https://uihc.org'},
{'source': 'Notification Letter to Affected Individuals'}],
'response': {'communication_strategy': ['Press release',
'Direct mail notifications',
'Website updates',
'Helpline support'],
'containment_measures': ['Server shutdown',
'Cybersecurity team engagement'],
'incident_response_plan_activated': True,
'recovery_measures': ['Notification letters to affected '
'individuals',
'Public advisory on uihc.org',
'Dedicated helpline (833-745-0871)'],
'remediation_measures': ['System restoration within 1 business '
'day'],
'third_party_assistance': True},
'stakeholder_advisories': ['Public press release',
'Direct notifications to patients'],
'threat_actor': 'Cybercriminal (unknown)',
'title': 'Data Breach at UI Community HomeCare Affecting Over 200,000 '
'Patients',
'type': ['Data Breach', 'Unauthorized Access']}