Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization:
Date Made Public:
November 17, 2017
Company: UPMC Susquehanna
Location: Williamsport, Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,200

"UPMC Susquehanna has notified 1,200 patients treated at various UPMC Susquehanna locations that their personal information — including names, dates of birth, contact information and Social Security numbers — may have been inappropriately accessed.

In a release sent out Friday morning, UPMC Susquehanna privacy officer David Samar said health care system apologized for the breach. “We apologize for any concern or inconvenience that this may cause for our patients. I want to stress that patient care was never affected. UPMC is committed to meeting our patients’ privacy expectations. We cannot confirm if any of the information was used for improper purposes, but out of an abundance of caution we deemed it appropriate to inform those possibly affected by this breach.”

The breach was discovered on Sept. 21, when an employee reported suspicious activity to the information technology staff. As a result of UPMC Susquehanna’s internal investigation, it is believed that through a phishing attack the information may have been accessed."

Information Source:
Media
Date Made Public:
November 15, 2017
Company: UPMC Susquehanna
Location: , Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,208

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
CSV