University of Utah Health Care – Hospitals and Clinics had become prey of a security incident.
Some of the University of Utah Health's patient's private information had been compromised in an email security breach.
Some of its employees' email accounts were compromised in phishing schemes, resulting in unauthorized access to those accounts between April 6 and May 22.
Compromised information included patient names, dates of birth, medical record numbers, and limited clinical information related to the care patients received at U of U Health facilities.
TPRM report: https://scoringcyber.rankiteo.com/company/university-of-utah-hospital
"id": "uni1324123",
"linkid": "university-of-utah-hospital",
"type": "Breach",
"date": "04/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
'location': 'Utah, USA',
'name': 'University of Utah Health Care',
'type': 'Healthcare'}],
'attack_vector': 'Phishing',
'data_breach': {'personally_identifiable_information': ['Patient names',
'Dates of birth',
'Medical record '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Patient names',
'Dates of birth',
'Medical record numbers',
'Limited clinical information']},
'date_detected': '2023-04-06',
'description': 'University of Utah Health Care – Hospitals and Clinics had '
'become prey of a security incident. Some of the University of '
"Utah Health's patient's private information had been "
'compromised in an email security breach. Some of its '
"employees' email accounts were compromised in phishing "
'schemes, resulting in unauthorized access to those accounts '
'between April 6 and May 22. Compromised information included '
'patient names, dates of birth, medical record numbers, and '
'limited clinical information related to the care patients '
'received at U of U Health facilities.',
'impact': {'data_compromised': ['Patient names',
'Dates of birth',
'Medical record numbers',
'Limited clinical information'],
'systems_affected': 'Email accounts'},
'initial_access_broker': {'entry_point': 'Email accounts'},
'post_incident_analysis': {'root_causes': 'Phishing schemes'},
'title': 'University of Utah Health Care Email Security Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Email Security'}