Texas Tech University Health Sciences Center (TTUHSC) recently confirmed a September ransomware attack, exfiltrating the personal and medical data of 1.4 million individuals.
The ransomware attack occurred between September 17 and September 29, 2024, affecting TTUHSC campuses in Lubbock and El Paso, as well as Texas Tech Physicians and UMC Health System.
The Interlock ransomware group has since claimed responsibility for the attack, exfiltrating 2.6 TB of data, including patient information, medical research, and SQL databases. The stolen data remains available on a dark web leak site after the university declined to pay the ransom.
TTUHSC started notifying affected individuals and is offering free credit monitoring services. The breach disrupted classes, patient services, and communication systems, including the patient portal.
TTUHSC has a history of data breaches. In 2022, a similar incident involving its electronic medical record vendor, Eye Care Leaders, compromised the electronic protected health information (PHI) of 1,290,104 patients. The more extensive 2024 attack shows the ongoing cybersecurity vulnerabilities in healthcare institutions.
In a breach notice, TTUHSC stated, "Individuals whose information may be affected by this incident are encouraged to remain vigilant against identity theft and fraud, review account statements and monitor their credit reports, as well as health care and health insurance billing statements, for suspicious activity or errors.”
With 1.4 million individuals affected, the exposure of sensitive information poses significant risks of identity theft and fraud. These incidents also strain trust in healthcare systems and disrupt critical services like patient care and communication. Moreover, the repeated targeting of TTUHSC shows how healthcare organizations must continuously improve their cybersecurity measures and comply with HIPAA regulations.
As healthcare ransomware attacks rise, institutions must employ comprehensive defenses with proactive monitoring, employee training, and secure data systems to minimize risks.
Affected individuals should remain vigilant against fraud and use the credit monitoring services offered.
A breach occurs when an unauthorized party gains access, uses or discloses protected health information (PHI) without permission. Breaches include hacking, losing a device containing PHI, or sharing information with unauthorized individuals.
See also: How to respond to a data breach
If individuals suspect their data has been compromised, they must monitor their accounts for suspicious activity and report any unauthorized transactions immediately.
No, under US law, consumers are entitled to a free credit report annually from each of the three major credit reporting bureaus: Equifax, Experian, and TransUnion. So, placing a fraud alert or credit freeze does not incur any costs.