UPMC Data Breach Twice as Big as Originally Reported | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

UPMC Data Breach Twice as Big as Originally Reported

June 2, 2014
by Rajiv Leventhal
| Reprints

A February breach of employees' personal data at the University of Pittsburgh Medical Center (UPMC) has affected more than twice as many people as originally thought, according to an updated report in the Pittsburgh Tribune-Review.

In April, it was reported that the personal information of 27,000 of its employees might have been put at risk by identity thieves, with nearly 800 workers falling victim to a fraudulent tax return scheme. In late February, UPMC learned that some of its employees were targeted by a fraudulent tax return scheme. It was determined that the source of information used to commit this crime was obtained through unauthorized access that allowed some personal employee information to be exposed, according to the healthcare organization.

But on May 30, the health system—which is the largest non-governmental employer in Pennsylvania, with more than 62,000 employees— is acknowledging that all of its employees are now at risk of identity theft. In an emailed statement to employees obtained by the Tribune-Review, UPMC officials said that no other data breaches beyond the initial one, which was limited to a payroll system and did not affect patient data.

“Recent developments in the ongoing investigation suggest that the scope may be larger than originally thought, potentially affecting every employee,” according to the email. “The information stolen several months ago may include names, Social Security numbers, addresses, salary information, and even bank account information.”

Since first indication, UPMC says it has been working with the Internal Revenue Service (IRS), the Federal Bureau of Investigation (FBI), the Secret Service, and information technology sources to determine the cause and scope of the breach, to prevent any further unauthorized access, and to track down the perpetrators of the serious crime. The breach has also already led a UPMC employee to file a lawsuit in state court seeking class action status and 25 years of credit and bank monitoring, credit restoration services and identity theft insurance.

UPMC is offering LifeLock fraud detection services to all employees for free, the email stated, and is working with LifeLock to extend coverage for five years. UPMC has also asked workers to contact their banks about the theft.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

KLAS Research: Small Hospitals’ Buying Decisions Impacting EMR Market Share

A new KLAS Research report tracks shifts in electronic medical record (EMR) vendor market share among acute care hospitals, and finds that smaller hospitals are seeking technology solutions that meet their needs and limited budgets, and these contracts are making a mark on the EMR market.

Survey: Majority of Providers Predict Success for New Generic Drug Company, Project Rx

Back in January, four health systems, in consultation with the VA, announced a collaboration to develop a new, not-for-profit generic drug company. A survey has found that 90 percent of providers say they would become customers of the new venture.

Personalized Medicine Awareness Low Among U.S. Adults, Survey Finds

Genetics and personalized medicine are not top of mind for the general public in the U.S., according to a recent survey from GenomeWeb and the Personalized Medicine Coalition.

Industry Organizations Praise Senate Passage of VA Mission Act

The U.S. Senate on Wednesday passed, by a vote of 92-5, a major Veterans Affairs (VA) reform bill that includes health IT-related provisions to improve health data exchange between VA healthcare providers and community care providers.

NIH Issues Funding Announcement for All of Us Genomic Research Program

The National Institutes of Health’s (NIH) “All of Us” Research Program has issued a funding announcement for genome centers to generate genotype and whole genome sequence data from participants’ biosamples.

MGMA: Physician Compensation Data Illustrates Nationwide PCP Shortage

Primary care physicians’ compensation rose by more than 10 percent over the past five years, representing an increase which is nearly double that of specialty physicians’ compensation over the same period, according to the Medical Group Management Association (MGMA).