UMC Health Confirms September Ransomware Attack and Notifies Impacted Patients
UMC Health System began informing patients about the exposure of some of their protected health information (PHI) in a ransomware attack. The health system detected strange activity in its computer system on September 26, 2024, when ransomware encrypted some files. The forensic investigation affirmed that the threat actor accessed its system between September 16 and September 26. The attack resulted in an outage that went on for about 3 weeks. UMC Health clinics started accepting patients on October 23, 2024, when all patient-facing systems were accessible online.
The forensic investigation revealed that an unidentified, unauthorized third party got access to its system, including areas of the system that contain patient data. That data might have been viewed or obtained before using ransomware for file encryption. UMC Health System has already analyzed the impacted files and affirmed that they include patients’ PHI including names, addresses, birth dates, diagnoses, medical insurance details, names of providers, dates of treatment, and/or Social Security numbers.
UMC Health began mailing notification letters to the impacted persons on November 22, 2024. The health system has cautioned them to be cautious against identity theft and fraud and advises going over statements from healthcare companies and medical insurance companies for any product or service that was not obtained, and to report any issues to the appropriate provider/insurance company. UMC Health System stated it has enforced extra technical safety measures to avoid the same incidents down the road.
UMC Health System in Lubbock, Texas submitted the data breach report to the HHS’ Office for Civil Rights indicating that at least 501 people were affected. The breach report sent to the Texas Attorney General indicates that the personal data of 3,287 Texans was affected.
UMC Health System in Lubbock, Texas has reported the progress of its recovery from the September ransomware attack. The ransomware attack affected several systems, which include the systems of Texas Tech Physicians and Texas Tech University Health Sciences Center. Although the health system continued to provide patient care and its clinics stayed open, it took down its electronic medical record (EHR) system and other important systems to control the attack. Because of the unavailability of its critical systems, UMC Health diverted emergency and non-emergency patients to other hospitals.
UMC Health manages a pediatric hospital, a health and wellness hospital, and 30 clinics in Eastern New Mexico and West Texas. It also manages a Level 1 Trauma Center located within 400 miles. Emergency patients coming by ambulance are no longer diverted to other facilities except for a few select patients.
On October 11, 2024, about three weeks after the ransomware attack occurred, UMC Health’s EHR system became accessible again in all clinics, including its MyCareTeam patient portal and Find-a-Physician webpage. Patients used the online portal to connect with their physicians at that time, but patient-facing systems for patient care were not yet available. Texas Tech Physicians and Texas Tech University Health Sciences Center still encountered breakdowns because of the attack.