UC San Diego Health Data Breach

Will Gendron
Mar 11, 2024 11:26 AM
The UC San Diego Health data breach involved unauthorized access to sensitive information including names, Social Security numbers, and medical details. The breach was contained within two weeks, and measures have been taken to enhance security. Affected individuals are offered free credit monitoring and identity protection services.
UC San Diego Health Data Breach

Understanding the UC San Diego Health Data Breach

UC San Diego Health, an esteemed institution in the healthcare industry, has unfortunately fallen victim to a data breach. As a provider of top-tier medical care and education, the security and privacy of patient and employee information are of paramount importance to UC San Diego Health. This breach is particularly concerning due to the sensitivity of the information involved.

On January 9, 2024, UC San Diego Health detected a phishing attack targeting its employees. Phishing is a deceptive practice where seemingly trustworthy emails are used to lure individuals into providing sensitive information. The breach was contained by January 22, 2024, but not before unauthorized access was gained to two employee email accounts.

The investigation revealed that the compromised information included names, Social Security numbers, mailing addresses, email addresses, dates of birth, medical record numbers, health insurance details, treatment costs, and clinical information such as medications, provider names, or diagnoses. Fortunately, bank account details and credit/debit card information were not exposed, and the electronic medical record systems were unaffected.

In response to this incident, UC San Diego Health has taken significant steps to enhance security measures and provide additional training to prevent future phishing attacks. The organization is also offering a 12 or 24-month free membership to Experian® IdentityWorksSM Credit 3B to affected individuals, which includes identity protection and credit monitoring services.

Immediate Steps to Take if You're Affected

If you believe your information was compromised in this breach, here are some actions you can take:

  1. Enroll in the offered Experian IdentityWorks Credit 3B service to protect your identity and monitor your credit. Follow the instructions provided in the notice to activate your membership.
  1. Review your account statements and credit reports for any unauthorized activity. You're entitled to a free credit report every 12 months from each of the three major credit bureaus. Visit AnnualCreditReport.com or call 1-877-322-8228 to request yours.
  1. Consider placing a fraud alert on your credit files. This alerts creditors to verify your identity before extending credit, making it harder for identity thieves to open accounts in your name.
  1. Consider a credit freeze, which restricts access to your credit report and can prevent new accounts from being opened without your consent.
  1. Stay vigilant and report any suspicious transactions to the relevant financial institution immediately.
  1. Contact the dedicated call center set up by UC San Diego Health at 1-833-918-7475 for further assistance and questions.

Additional Resources and Contacts

UC San Diego Health deeply regrets any concern or inconvenience this incident may have caused. The organization is actively working to strengthen its security systems and protect the privacy of all individuals associated with UC San Diego Health.

Affected by the data breach?

Join others and take action at no cost.

Weekly newsletter

Stay up to date with new class action settlements you may join.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Consumer Notice

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF