UPMC Data Breach Affects 27K Employees; Nearly 800 Hit by Tax Fraud | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

UPMC Data Breach Affects 27K Employees; Nearly 800 Hit by Tax Fraud

April 18, 2014
by Rajiv Leventhal
| Reprints

The University of Pittsburgh Medical Center (UPMC) is reporting that the personal information of 27,000 of its employees might have been put at risk by identity thieves, with nearly 800 workers falling victim to a fraudulent tax return scheme, say multiple news outlets.

In late February, UPMC learned that some of its employees were targeted by a fraudulent tax return scheme. It has since determined that the source of information used to commit this crime was obtained through unauthorized access that allowed some personal employee information to be exposed, according to the healthcare organization.

WTAE Pittsburgh is reporting that as many as 27,000 employees may have had their personal information exposed, while nearly 800 have been victimized by tax fraud, a spokeswoman for the healthcare giant confirmed on April 17. This was up from a March projection that as many as 322 employees might have been affected, reported TribLIVE in Pittsburgh. UPMC is the largest non-governmental employer in Pennsylvania, with more than 62,000 employees.

Since first indication, UPMC says it has been working with the Internal Revenue Service (IRS), the Federal Bureau of Investigation (FBI), the Secret Service, and information technology sources to determine the cause and scope of the breach, to prevent any further unauthorized access, and to track down the perpetrators of the serious crime.

According to WTAE Pittsburgh, employees of the several Pittsburgh area hospitals told the news station that they received a packet in the mail, telling them that their information was stolen and what they need to do to protect themselves.

The letter from UPMC said that employees’ personal information, including their names, addresses, and Social Security numbers, have been exposed. The letter further urged employees to contact their banks and check with the IRS to ensure that tax returns have not been fraudulently filed in their names as well as to prevent the potential for future incidents. UPMC also said it is providing LifeLock identity protection free of charge to employees who enroll by April 28.

Topics

News

Survey: By 2019, 60% of Medicare Revenues will be Tied to Risk

Medical groups and health systems that are members of AMGA (the American Medical Group Association) expect that nearly 60 percent of their revenues from Medicare will be from risk-based products by 2019, according to the results from a recent survey.

83% of Physicians Have Experienced a Cyber Attack, Survey Finds

Eighty-three percent of physicians in a recent survey said that they have experienced some sort of cyber attack, such as phishing and viruses.

Community Data Sharing: Eight Recommendations From San Diego

A learning guide focuses on San Diego’s experience in building a community health information exchange and the realities of embarking on a broad community collaboration to achieve better data sharing.

HealthlinkNY’s Galanis to Step Down as CEO

Christina Galanis, who has served as president and CEO of HealthlinkNY for the past 13 years, will leave her position at the end of the year.

Email-Related Cyber Attacks a Top Concern for Providers

U.S. healthcare providers overwhelmingly rank email as the top source of a potential data breach, according to new research from email and data security company Mimecast and conducted by HIMSS Analytics.

Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.