Utah Imaging Associates data breach impacts 583,643 patients

Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients.

Utah Imaging Associates (UIA) discloses a security breach, on September 4, 2021 the company claims to have detected and blocked a cyber attack. The healthcare provider promptly secured its infrastructure with the help of a specialized third-party cybersecurity firm. Utah Imaging Associates also notified the U.S. Department of Health and Human Services.

The healthcare provider also conducted an investigation to determine the scope of the intrusion. Threat actors gained access to some UIA files containing sensitive data of 583,643 individuals, the initial infiltration took place on August 29, 2021.

On November 18, 2021, UIA started notifying the impacted individuals via first-class mail the detailing the remediation actions the company is taking in response to the incident.

According to the HIPAA Journal, compromised files included first and last names, mailing addresses, dates of birth, Social Security numbers, health insurance policy numbers, and medical information such as treatment, diagnosis, and prescription information. The information exposed in the security breach varied from patient to patient.

Below are the recommendations included in the notice of Data Security Incident published by the company:

• You should always remain vigilant for incidents of fraud and identity theft by reviewing credit card account statements and by monitoring your credit report for suspicious or unusual activity.
• Please notify your financial institution immediately if you detect any suspicious activity on any of your accounts, including unauthorized transactions or new accounts opened in your name that you do not recognize. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
• You can request a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is listed below.
• You have the right to file or obtain a police report if you experience identity fraud. Please note that in order to file a crime report or incident report with law enforcement for identity theft, you will likely need to provide proof that you have been a victim. A police report is often required to dispute fraudulent items. You can generally report suspected incidents of identity theft to local law enforcement or to the Attorney General.
• You can take steps recommended by the Federal Trade Commission to protect yourself from identity theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Utah Imaging Associates)

[adrotate banner=”5″]

[adrotate banner=”13″]