Breach hits radiology practice, exposing sensitive data of more than 500,000 patients
A radiology practice in Utah is alerting current and former patients after it discovered a security incident that exposed potentially sensitive information.
Utah Imaging Associates said someone gained unauthorized access to its data and is notifying patients of the breach via first-class mail, the Farmington-based provider announced Nov. 18.
The attack may have affected more than 580,000 Utah residents, according to the U.S. Department of Health and Human Services’ Office of Civil Rights, which is required to post details regarding breaches affecting 500 people or more. At this time, the group of board-certified rads said it isn’t aware of any attempts to maliciously use patient data.
“UIA sincerely regrets any concern or inconvenience this matter may cause, and remains dedicated to ensuring the privacy and security of all information in UIA's control,” the organization said on its website.
Utah Imaging Associates first discovered the attack on Sept. 4 and acted quickly to secure its network and stop further damage. A third-party cybersecurity firm conducted a forensic investigation and found some sensitive files were available during the breach.
The radiology group said it’s offering those affected free credit monitoring and identity theft services.
“Since the discovery of the incident, UIA has taken and will continue to take steps to prevent a similar incident from occurring in the future,” a statement on the firm’s website reads.