Security News > 2021 > July > UC San Diego Health discloses data breach after phishing attack

UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts.

UC San Diego Health is one of the nation's best hospitals, being repeatedly ranked as the best health care system in San Diego, according to the 2021-2022 U.S. News & World Report survey.

When asked for additional details regarding the data breach, UC San Diego Health's Executive Director of Communications and Media Relations Jacqueline Carr told BleepingComputer that the breach was the result of a phishing attack.

After discovering the breach, UC San Diego Health terminated the unauthorized access to the compromised accounts and reported the event to law enforcement and the FBI. The attackers may have accessed or acquired the personal information of patients, employees, and students between December 2, 2020, and April 8, 2021, after breaching the email accounts in a phishing attack.

After the ongoing investigation ends, UC San Diego Health will send individual breach notification letters to students, employees, and patients affected by the data breach.

In June 2018, UC San Diego Health also informed 619 patients that they might have been affected by an external data breach involving Nuance Communications, a third-party medical transcription provider.

News URL

https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/