Utah Pathology Services email breach exposes information of more than 100,000 individuals

September 8, 2020
Medicare Web

Utah Pathology Services, Inc. experienced an email hack in late June that may have exposed the personal information of 112,124 individuals, according to the Office for Civil Rights (OCR) breach report.

On June 30, it was discovered an unknown third party attempting to redirect funds from Utah Pathology, according to the security notice posted on the organization’s website. Utah Pathology secured the impacted email account, launched an investigation, and soon after determined that personal information of individuals was accessible to the unknown third party.

The personal information that was potentially exposed included:

  • Clinical and diagnostic information related to pathology services
  • Date of birth
  • Email address
  • Gender
  • Insurance information including ID and group numbers
  • Mailing address
  • Phone number
  • Social security number

While Utah Pathology did not find evidence to suggest that any of the information has been misused, it provided notice to all patients whose information was available in the hacked email account.

Utah Pathology implemented additional safeguards and reported the incident to law enforcement, according to the security notice. In addition, Utah Pathology is offering the services of Cyberscout to provide one year of free identity monitoring to affected individuals.

Related Topics: 
HIPAA