cyber Breach

UVA Health

May 7, 2023 1 min read
UVA Health

An unauthorized third party has breached some of their private health information on a UVA physician’s laptop computer and other devices.

UVA has been working with the Federal Bureau of Investigation in its investigation and conducted an internal investigation.

The third party accessed yo medical records and other documents containing patient information.

It may also have accessed patients’ names, diagnoses, treatment information, addresses and dates of birth.

Source: https://newsroom.uvahealth.com/2018/02/21/uva-health-system-notifies-1882-patients-potential-privacy-issue/

TPRM report: https://scoringcyber.rankiteo.com/company/uva-health

"id": "uva19196622",
"linkid": "uva-health",
"type": "Breach",
"date": "02/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'University of Virginia',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Dates of Birth'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Medical Records',
                                              'Patient Information']},
 'description': 'An unauthorized third party has breached some of their '
                'private health information on a UVA physician’s laptop '
                'computer and other devices. UVA has been working with the '
                'Federal Bureau of Investigation in its investigation and '
                'conducted an internal investigation. The third party accessed '
                'medical records and other documents containing patient '
                'information. It may also have accessed patients’ names, '
                'diagnoses, treatment information, addresses and dates of '
                'birth.',
 'impact': {'data_compromised': ['Medical Records',
                                 'Patient Information',
                                 'Names',
                                 'Diagnoses',
                                 'Treatment Information',
                                 'Addresses',
                                 'Dates of Birth'],
            'systems_affected': ['Laptop Computer', 'Other Devices']},
 'investigation_status': 'Ongoing',
 'response': {'law_enforcement_notified': True,
              'third_party_assistance': 'Federal Bureau of Investigation'},
 'threat_actor': 'Unauthorized Third Party',
 'title': "Unauthorized Access to UVA Physician's Devices",
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.