Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

February 22, 2019

UConn Health: 326,000 could be impacted by recent email breach

Photo | UConn Health/Janine Gelineau UConn Health's Farmington campus.

UConn Health on Friday disclosed that an unauthorized third party had accessed employee email accounts, potentially breaching the privacy of 326,000 patients and others.

Of that number, 1,500 could have had their social security numbers exposed, UConn Health said. For others, potentially acquired details include names, dates of birth, addresses, and billing and appointment information, according to a forensic investigator’s findings just before Christmas. Most of those that could be affected are patients, while a small portion are UConn employees, the state-led, Farmington-based health system, anchored by John Dempsey Hospital, said.

UConn said it can’t be certain if the unauthorized party viewed or acquired any of the private information.

"A malicious actor used a phishing attack to exploit the users of our email system," spokesman Delker Vardilos said. "We do not know the identity of the individual or individuals who gained unauthorized access to our email system."

UConn Health said it has sent letters to potentially impacted individuals and is also offering free identity theft protection services to the 1,500 whose social security numbers could have been exposed.

UConn said it also notified law enforcement, as required under state law.

In 2013, UConn Health notified more than 1,550 patients that two former employees had accessed patient records inappropriately.

The University of Connecticut Health Center has notified some 1,400 patients of a healthcare data breach after discovering in January that a former employee had accessed patient records inappropriately.

This story has been updated


Read more

Hospitals, others beef up data security amid tougher oversight

Sign up for Enews

Related Content


Order a PDF