UT Southwestern Medical Center reported that nearly 2,100 people were affected by a data security breach that included medical and health insurance information, addresses and dates of birth.
The academic hospital reported the breach to the Office of the Attorney General on March 7. It has not contacted customers regarding the information that may have been accessed, according to the report.
Health-care systems have increasingly become targets of hackers, with the sector accounting for more ransomware attacks last year than any other industry, according to the Federal Bureau of Investigation’s 2023 Internet Crime Report.
For context, Texas Medicaid recipients were victims of a massive data breach of the third-party file transfer platform MOVEit that has affected over 2,700 organizations and 94 million people. Maximus, a federal contractor that works with Medicaid, was the largest organization affected by that hack, according to anti-malware and cybersecurity firm Emsisoft.
UT Southwestern also reported being part of the MOVEit hack in July 2023, saying the data breach included Social Security numbers. The hospital did not say how many individuals were affected, but did notify them by mail, a Texas-wide media broadcast and its website.
UT Southwestern did not immediately respond to requests for comment on the latest data breach.
Data breaches are increasingly lucrative, with the average costing $4.45 million in 2023, according to analysis by IBM. Health-care breaches are particularly expensive, costing an average of $11 million last year, up 53 percent from 2020.
©2024 The Dallas Morning News. Distributed by Tribune Content Agency, LLC.
