UT Southwestern Breach Exposes Personal Info of 40,668 Texans

UT Southwestern Medical Center recently disclosed a significant data breach that has affected the personal information of 40,668 individuals in Texas. The breach was reported to the Texas Attorney General's office on December 10, 2024. While the exact method of the breach has not been detailed, the incident has exposed a wide range of sensitive consumer information.

The types of information exposed in this breach include:

• Name of individual
• Social Security Number
• Driver’s License number
• Government-issued ID number (e.g., passport, state ID card)
• Financial Information (e.g., account number, credit or debit card number)
• Medical Information
• Health Insurance Information
• Address
• Date of Birth

The breach is particularly concerning due to the variety and sensitivity of the data involved. Medical and financial information, when combined with personal identifiers like Social Security numbers and driver’s license details, can lead to identity theft, financial fraud, and unauthorized access to medical records.

The breach was disclosed on the Texas Attorney General's Data Security Breach Reports page, where additional details about the incident can be found.

UT Southwestern Medical Center's response

UT Southwestern Medical Center has not yet publicly disclosed the specific measures it has taken to address the breach. However, organizations typically follow standard protocols in such situations, including investigating the breach, notifying affected individuals, and enhancing cybersecurity measures to prevent future incidents.

The disclosure to the Texas Attorney General indicates that the organization has begun the process of compliance with legal requirements for data breach notifications.

What the reader should do if they are affected by the data breach

If you believe your information may have been compromised in this breach, it is essential to take immediate action to protect yourself. Here are some steps you should consider:

1. Monitor your financial accounts and credit reports: Regularly check your bank accounts and credit card statements for unauthorized transactions. Obtain a free credit report from each of the three major credit bureaus (Equifax, Experian, and TransUnion) to look for unusual activity.
2. Place a fraud alert or credit freeze: Contact one of the credit bureaus to place a fraud alert on your file. This will make it harder for identity thieves to open accounts in your name. Alternatively, you can request a credit freeze, which prevents creditors from accessing your credit report without your permission.
3. Watch for phishing attempts: Be cautious of unsolicited emails, phone calls, or messages claiming to be from UT Southwestern Medical Center or other organizations. Scammers may use the breach as an opportunity to trick you into revealing additional personal information.
4. Change passwords and enable two-factor authentication: If any of your online accounts use the same credentials as those potentially exposed in the breach, update your passwords immediately. Enable two-factor authentication for an added layer of security.
5. Consider identity theft protection services: Some individuals may choose to enroll in identity theft monitoring or protection services, which can help detect and respond to unauthorized use of your personal information.
6. Stay informed: Keep an eye on official communications from UT Southwestern Medical Center for updates about the breach and any support they may offer to affected individuals.