Tech Health Sciences Center Cyber Attack Impacted 1.4M Patients

Hackers raided the private data of more than 1.4 million Texas Tech University Health Sciences Center (TTUHSC) patients in September, getting away with information from its centers in Lubbock and El Paso.

The university told the U.S. Department of Health and Human Services it discovered the breaches in September after some of its computer systems and applications were temporarily disrupted by the cyberattack. It said the data of 815,000 customers of the El Paso site and 650,000 at the Lubbock site was accessed.

“The investigation confirmed that a cybersecurity event caused the technology issues, resulting in access to or removal of certain files and folders from the HSC network between September 17 and September 29,” a notice to patients said.

The types of compromised data varies by individual and could include, name, date of birth, address, Social Security number, driver’s license number, government-issued identification number, financial account information, health insurance information and medical information including medical records numbers, billing/claims data and diagnosis and treatment information.

The university’s incident notice did not say ransomware was used in the attack, but cybersecurity news sites have reported the Interlock ransomware group has claimed responsibility. The HIPAA Journal reported recently that the group has been attacking health care sites since September.

TTUHSC has six schools and five satellite campuses across West Texas serving more than 2.75 million people. The outage lasted for some three weeks.

Federal law requires health providers to disclose to HHS breaches of “unsecured protected health information affecting 500 or more individuals.” The agency’s Office for Civil Rights investigates the cases.

The Office of the Attorney General website that tracks data breaches impacting Texans does not yet list these breaches.

(c)2024 the San Antonio Express-News. Distributed by Tribune Content Agency LLC.