Skip to content Skip to navigation

UPMC Data Breach Affects 27K Employees; Nearly 800 Hit by Tax Fraud

April 18, 2014
by Rajiv Leventhal
| Reprints

The University of Pittsburgh Medical Center (UPMC) is reporting that the personal information of 27,000 of its employees might have been put at risk by identity thieves, with nearly 800 workers falling victim to a fraudulent tax return scheme, say multiple news outlets.

In late February, UPMC learned that some of its employees were targeted by a fraudulent tax return scheme. It has since determined that the source of information used to commit this crime was obtained through unauthorized access that allowed some personal employee information to be exposed, according to the healthcare organization.

WTAE Pittsburgh is reporting that as many as 27,000 employees may have had their personal information exposed, while nearly 800 have been victimized by tax fraud, a spokeswoman for the healthcare giant confirmed on April 17. This was up from a March projection that as many as 322 employees might have been affected, reported TribLIVE in Pittsburgh. UPMC is the largest non-governmental employer in Pennsylvania, with more than 62,000 employees.

Since first indication, UPMC says it has been working with the Internal Revenue Service (IRS), the Federal Bureau of Investigation (FBI), the Secret Service, and information technology sources to determine the cause and scope of the breach, to prevent any further unauthorized access, and to track down the perpetrators of the serious crime.

According to WTAE Pittsburgh, employees of the several Pittsburgh area hospitals told the news station that they received a packet in the mail, telling them that their information was stolen and what they need to do to protect themselves.

The letter from UPMC said that employees’ personal information, including their names, addresses, and Social Security numbers, have been exposed. The letter further urged employees to contact their banks and check with the IRS to ensure that tax returns have not been fraudulently filed in their names as well as to prevent the potential for future incidents. UPMC also said it is providing LifeLock identity protection free of charge to employees who enroll by April 28.



CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.