UConn Health, based in Farmington, Connecticut, has disclosed a significant data incident involving the potential compromise of personal information. On June 14, 2024, UConn Health identified suspicious activity within a specific email account, prompting immediate measures to secure the account and initiate an internal investigation. To thoroughly assess the situation, the organization enlisted the help of a forensic security firm, which conducted a comprehensive review to determine the extent of the breach.
The investigation uncovered that an unauthorized third party had accessed the email account for a brief period on the same day. During this unauthorized access, the third party potentially acquired various sensitive pieces of personal information. By August 7, 2024, UConn Health confirmed that the breached account contained information such as names, dates of birth, Social Security numbers, driver’s license numbers, financial account numbers, medical treatment details, prescriptions, and health insurance information.
Following this discovery, UConn Health began mailing notification letters on August 13, 2024, to all individuals whose information was found in the compromised account, provided a valid mailing address was available. The notifications include details on how individuals can protect themselves from potential fraud and identity theft. UConn Health has arranged for complimentary credit monitoring services for those affected, particularly for individuals whose Social Security numbers or driver’s license numbers were potentially involved.
In light of the breach, individuals are urged to remain vigilant and take proactive measures to safeguard their personal information. This includes regularly reviewing account statements, monitoring credit reports for any unusual activity, and promptly reporting any signs of fraud or identity theft to their financial institutions and law enforcement authorities. UConn Health continues to enhance its security protocols to prevent future incidents and protect the privacy of its patients and affiliates.
Reference:
