Texas Tech University Health Sciences Center, the university’s academic health institution and med school, reported a theft involving a large volume of patient data during a September ransomware attack. The cyberattack targeted the systems used by UMC Health System, Texas Tech Physicians, and Texas Tech University Health Sciences Center in El Paso.
The HHS’ Office for Civil Rights received two breach reports regarding the breach of 1,465,000 patients’ electronic protected health information (ePHI) in the attack on Texas Tech University Health Sciences Center. 650,000 patients were from Texas Tech University Health Sciences Center and 815,000 patients were from the El Paso center. UMC Health earlier submitted the breach report with at least 501 individuals affected.
The Health Sciences Centers (HSCs) mentioned discovering the ransomware attack in September 2024 after noticing some issues with their computer systems and programs. It took immediate action to protect its systems and started an investigation to determine the reason for the disruption. The HSCs confirmed a cybersecurity incident relating to unauthorized access to its computer network from September 17 to September 29, 2024.
The HSCs didn’t say that the incident was a ransomware attack but the Interlock ransomware group professed that it was behind the attack and listed Texas Tech University Health Sciences Center on its data leak website in October. Because the victim did not pay the ransom, Interlock published 2.6 TB of stolen information on its data leak website, including the 100,882 folders with 2,102,989 files, which can be downloaded by anyone.
In the substitute breach notice posted by HSC, it mentioned the completion of the review of compromised files and sending of individual notifications. The compromised information included names, dates of birth, addresses, driver’s license numbers/government-issued ID numbers, Social Security numbers, financial account details, medical insurance data, diagnosis and treatment data, billing/claims information, and medical records numbers.
The HSCs are giving the impacted persons free credit monitoring services. Considering that the stolen information is posted on a dark web data leak web page, impacted persons must use those services and tightly check their explanation of benefits statements and accounts for indications of improper use of their data. In compliance with HIPAA, the HSCs implemented extra measures to enhance security to avoid identical cyberattacks and security breaches later on, including checking and updating information security guidelines and procedures, and applying extra data safety and attack monitoring procedures.
Texas Tech University Health Sciences Center reported a similar data breach in 2022. In that occurrence involving Eye Care Leaders, its electronic medical record vendor, 1,290,104 patients’ ePHI was compromised.