Utah medical center hit by data breach affecting 582k patients


Level 64
Thread author
Honorary Member
Top poster
Content Creator
Apr 24, 2016
Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.

According to the data breach notification sent to affected individuals, the security incident was discovered on September 4, 2021, and was remediated on the same day.

However, the initial network infiltration happened on August 29, 2021, allowing the threat actors to explore UIA's internal systems and potentially steal data for about a week.

The subsequent forensic investigation carried out with the help of a specialized third-party cybersecurity firm revealed that the unauthorized network intruder had access to the following personal information of patients:
  • First and last name
  • Mailing address
  • Date of birth
  • Social Security number
  • Health insurance policy number
  • Medical information (medical treatment, diagnosis, and prescription information)
The type of information varies by individual, so not all of the above elements concern each recipient of the data breach notice.

UIA also points out that they have received no reports of this data having been leaked online, two months after the incident.

This, however, doesn't guarantee that any stolen data isn't privately shared among hackers on the dark web, as is commonly done with data breaches.

People who used UIA's services in the past should take advantage of the offered 12 months of credit monitoring services through IDX and remain vigilant against social engineering attacks.

If you have noticed signs of fraud, unusual bank account charges, or suspicious emails and calls, you are advised to report it immediately by calling (833) 525-2720.