Cyber Incident Victim: University of North Carolina School of Medicine
Date: Apr 2021
Location: United States of America
Summary
An unauthorized individual potentially accessed a single faculty member's email account at the University of North Carolina School of Medicine. Because the faculty member also had a clinical role, the incident affected affiliated hospitals as well. The breach was confined to the targeted account, with no evidence of compromise to other systems. Exposed information included patient names, dates of birth, diagnosis and treatment details, and research study participation data; health insurance details were exposed for fewer than 30 individuals and Social Security numbers for fewer than 10. The institution secured the account, initiated an investigation with cybersecurity experts, and notified impacted patients following a review of the account's contents.
Description
On May 20, 2021, the University of North Carolina at Chapel Hill School of Medicine (SOM) and University of North Carolina Hospitals discovered that an unauthorized individual potentially accessed a single SOM faculty member’s email account. The faculty member in question provided clinical services at UNC Hospitals. Upon detection, the organizations immediately secured the compromised email account and initiated an investigation with assistance from a cybersecurity firm. The investigation determined the unauthorized access occurred on April 20, 2021, and was confined exclusively to that faculty member’s account. No evidence indicated compromise of other SOM or UNC Hospitals email accounts or patient information systems. The breach timeline suggested a one-day intrusion with no further unauthorized activity detected beyond April 20.

A thorough review of the email account’s contents revealed messages and attachments containing patient information related to UNC Hospitals care. Exposed data included patient names, dates of birth, diagnosis details, and treatment information. Some records also referenced research studies patients participated in or were eligible for through UNC Hospitals/SOM. The analysis identified health insurance information for fewer than 30 patients and Social Security numbers for fewer than 10 individuals. SOM and UNC Hospitals proceeded to notify affected patients about the potential exposure of their information. The organizations maintained that the incident remained isolated to the single email account, with no broader system infiltration or additional data repositories impacted beyond the identified account’s contents.
