SCMagazine.com reported that “Dallas-based UT Southwestern Medical Center had data from almost 2,100 individuals compromised following a data breach, The Dallas Morning News reports.”

The March 12, 2024 report entitled “UT Southwestern breach hits over 2K patients” (https://www.scmagazine.com/brief/ut-southwestern-breach-hits-over-2k-patients) included these comments a UT Southwestern spokesperson:

We are assessing the data to prepare notifications to those impacted in accordance with federal regulations. The incident involved internal use of unapproved software and did not involve a cyberattack or external exposure of data,…

And these comments:

Threat actors were able to access patients’ medical and health insurance details, as well as their birthdates and addresses, noted UT Southwestern in a filing with the Office of the Texas Attorney General, which also noted upcoming notifications to affected individuals.

Such a breach comes months after UT Southwestern disclosed being among the more than 2,700 organizations impacted by the widespread MOVEit hack conducted by the Cl0p ransomware operation. The development also follows an IBM study noting mounting data breach costs, especially in the healthcare sector, which logged an over 50% increase in average breach spending since 2020 to $11 million last year.

Unfortunately Healthcare is a large target!

First published https://www.vogelitlaw.com/blog/healhcare-breach-at-ut-southwestern