UC San Diego Health Data Breach

Understanding the UC San Diego Health Data Breach

UC San Diego Health, an esteemed institution in the healthcare industry, has unfortunately fallen victim to a data breach. As a provider of top-tier medical care and education, the security and privacy of patient and employee information are of paramount importance to UC San Diego Health. This breach is particularly concerning due to the sensitivity of the information involved.

On January 9, 2024, UC San Diego Health detected a phishing attack targeting its employees. Phishing is a deceptive practice where seemingly trustworthy emails are used to lure individuals into providing sensitive information. The breach was contained by January 22, 2024, but not before unauthorized access was gained to two employee email accounts.

The investigation revealed that the compromised information included names, Social Security numbers, mailing addresses, email addresses, dates of birth, medical record numbers, health insurance details, treatment costs, and clinical information such as medications, provider names, or diagnoses. Fortunately, bank account details and credit/debit card information were not exposed, and the electronic medical record systems were unaffected.

In response to this incident, UC San Diego Health has taken significant steps to enhance security measures and provide additional training to prevent future phishing attacks. The organization is also offering a 12 or 24-month free membership to Experian® IdentityWorksSM Credit 3B to affected individuals, which includes identity protection and credit monitoring services.

Immediate Steps to Take if You're Affected

If you believe your information was compromised in this breach, here are some actions you can take:

1. Enroll in the offered Experian IdentityWorks Credit 3B service to protect your identity and monitor your credit. Follow the instructions provided in the notice to activate your membership.

1. Review your account statements and credit reports for any unauthorized activity. You're entitled to a free credit report every 12 months from each of the three major credit bureaus. Visit AnnualCreditReport.com or call 1-877-322-8228 to request yours.

1. Consider placing a fraud alert on your credit files. This alerts creditors to verify your identity before extending credit, making it harder for identity thieves to open accounts in your name.

1. Consider a credit freeze, which restricts access to your credit report and can prevent new accounts from being opened without your consent.

1. Stay vigilant and report any suspicious transactions to the relevant financial institution immediately.

1. Contact the dedicated call center set up by UC San Diego Health at 1-833-918-7475 for further assistance and questions.

Additional Resources and Contacts

• For more information on identity theft, visit the Federal Trade Commission's website.
• Contact the credit bureaus: Equifax (1-800-685-1111), Experian (1-888-397-3742), and TransUnion (1-800-916-8800).
• If you're a resident of California, additional information can be found on the California Attorney General's website.

UC San Diego Health deeply regrets any concern or inconvenience this incident may have caused. The organization is actively working to strengthen its security systems and protect the privacy of all individuals associated with UC San Diego Health.