Utah Pathology Services notifying more than 110,000 patients of data breach
From Utah Pathology Services, part of the security incident notice:
On June 30, 2020, we learned than an unknown third party attempted to redirect funds from Utah Pathology. This suspicious activity did not involve any patient information, or the completion of any financial transactions. Upon discovery of the attempted fraud, Utah Pathology quickly secured the impacted email account and launched an investigation. The investigation was performed with the help of independent IT security and forensic investigators to determine the scope and extent of the potential unauthorized access to Utah Pathology systems and any sensitive information.
What information was involved:
Our investigation is ongoing, but we discovered that the personal information of certain individuals, including names and one or more of the following personal attributes was accessible to the unauthorized party: date of birth, gender, phone number, mailing address, email address, insurance information including id and group numbers, medical and health information including: internal record numbers and clinical and diagnostic information related to pathology services, and, for a small percentage of patients, Social Security number. At this time, we do not have evidence that any patient information has been misused. Nevertheless, we are notifying all potentially affected patients out of an abundance of caution. We have begun mailing letters to patients whose information was contained in the email account