University of Utah Health Suffers Further Phishing Attack

HIPAA Journal

University of Utah Health has suffered another phishing attack, with the latest incident resulting in the exposure of the protected health information (PHI) of 2,700 patients.

This is the third phishing incident to be reported to the HHS’ Office for Civil Rights by the University of Utah this year. The previous incidents were reported on March 21 and April 3 and affected 3,670 and 5,000 patients respectively.

In the latest attack, an unauthorized individual gained access to employee email accounts between April 6 and May 22, 2020 as a result of responses to phishing emails. The email accounts were promptly secured, and an investigation was launched to determine whether the attackers gained access to patients’ PHI.

It was not possible to tell whether...

Get the Morning Update

Thanks for subscribing!