Texas Tech University Health Sciences Center (TTUHSC) recently confirmed a September ransomware attack, exfiltrating the personal and medical data of 1.4 million individuals.
What happened
The ransomware attack occurred between September 17 and September 29, 2024, affecting TTUHSC campuses in Lubbock and El Paso, as well as Texas Tech Physicians and UMC Health System.
The Interlock ransomware group has since claimed responsibility for the attack, exfiltrating 2.6 TB of data, including patient information, medical research, and SQL databases. The stolen data remains available on a dark web leak site after the university declined to pay the ransom.
TTUHSC started notifying affected individuals and is offering free credit monitoring services. The breach disrupted classes, patient services, and communication systems, including the patient portal.
The backstory
TTUHSC has a history of data breaches. In 2022, a similar incident involving its electronic medical record vendor, Eye Care Leaders, compromised the electronic protected health information (PHI) of 1,290,104 patients. The more extensive 2024 attack shows the ongoing cybersecurity vulnerabilities in healthcare institutions.
What was said
In a breach notice, TTUHSC stated, "Individuals whose information may be affected by this incident are encouraged to remain vigilant against identity theft and fraud, review account statements and monitor their credit reports, as well as health care and health insurance billing statements, for suspicious activity or errors.”
Why it matters
With 1.4 million individuals affected, the exposure of sensitive information poses significant risks of identity theft and fraud. These incidents also strain trust in healthcare systems and disrupt critical services like patient care and communication. Moreover, the repeated targeting of TTUHSC shows how healthcare organizations must continuously improve their cybersecurity measures and comply with HIPAA regulations.
The bottom line
As healthcare ransomware attacks rise, institutions must employ comprehensive defenses with proactive monitoring, employee training, and secure data systems to minimize risks.
Affected individuals should remain vigilant against fraud and use the credit monitoring services offered.
FAQs
What is a data breach?
A breach occurs when an unauthorized party gains access, uses or discloses protected health information (PHI) without permission. Breaches include hacking, losing a device containing PHI, or sharing information with unauthorized individuals.
See also: How to respond to a data breach
What should individuals do if their data has been compromised?
If individuals suspect their data has been compromised, they must monitor their accounts for suspicious activity and report any unauthorized transactions immediately.
Are there any costs associated with placing a fraud alert or credit freeze?
No, under US law, consumers are entitled to a free credit report annually from each of the three major credit reporting bureaus: Equifax, Experian, and TransUnion. So, placing a fraud alert or credit freeze does not incur any costs.
