On August 13, 2024, the University of Connecticut Health Center Finance Corporation (“UConn Health”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering suspicious activity in a UConn Health email account. In this notice, UConn Health explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, dates of birth, Social Security numbers, driver’s license numbers, financial account numbers, medical treatment & diagnosis information, prescriptions, and health insurance information. Upon completing its investigation, UConn Health began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from UConn Health, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the UConn Health data breach. For more information, please see our recent piece on the topic here.
What Caused the UConn Health Data Breach?
The UConn Health data breach was only recently announced, and more information is expected in the near future. However, UConn Health’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. UConn Health also posted a notice on its website discussing the incident.
According to these sources, on June 14, 2024, UConn Health detected suspicious activity within an employee’s email account. In response, UConn Health secured the affected account and then launched an internal investigation with the help of outside cybersecurity experts.
Through this investigation, UConn confirmed that an unknown and unauthorized party accessed the email account on June 14, 2024. The UConn investigation also determined that the unauthorized party may have acquired emails from the employee’s email account. Subsequently, UConn Health confirmed that some of the emails and attachments in the account contained confidential consumer information.
After learning that sensitive consumer data was accessible to an unauthorized party, UConn Health reviewed the compromised files to determine what information was leaked and which consumers were impacted. UConn Health completed this process on August 7, 2024. While the breached information varies depending on the individual, it may include your name, date of birth, Social Security number, driver’s license number, financial account number, medical treatment & diagnosis information, prescriptions, and health insurance information.
On August 13, 2024, UConn Health sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About UConn Health
UConn Health is a large healthcare system based out of Farmington, Connecticut. UConn Health is a branch of the University of Connecticut that oversees clinical care, advanced biomedical research, and academic education in medicine. UConn Health is a multi-specialty practice, with more than 450 physicians in more than 50 specialties. UConn Health includes the UConn John Dempsey Hospital, which is a 234-bed hospital providing a wide range of services. UConn Health employs more than 5,000 people and generates approximately $1.2 billion in annual revenue.