An investigation is underway by UC Health into a recent phishing incident that may have involved patient information.
On July 6, UC Health learned of the attack that led to unauthorized access to a limited number of UC Health employee e-mail accounts between then and July 12. UC immediately secured the accounts and started investigating.
A leading computer forensic firm has been hired to assist in the investigation.
To date, the investigation has been unable to determine whether the unauthorized person actually viewed any emails or attachments to the emails in the accounts. UC Health is in the process of reviewing the emails and attachments in the accounts to identify patients whose information may have been accessible to the unauthorized person.
UC Health expects that some patient information is contained in the accounts, including patients’ names, dates of birth, medical record numbers and clinical information.
UC Health continues to investigate this incident and anticipates notifying affected patients in the coming weeks. Although UC Health has no indication that any patient information has been misused, in an abundance of caution, UC Health has established a dedicated call center for patients to call with questions.
If any patients have questions about this incident, please call 1-833-496-0187, Monday through Friday, 9:00 a.m. to 6:30 p.m. Eastern Time.
It is recommended that patients review the statements they receive from their healthcare providers. If they see services they did not receive, they should contact the provider immediately.