Cyber Incident Victim: University of Pittsburgh Medical Center
Date: Jun 2018
Location: United States of America
Summary
A medical center experienced unauthorized access to personal information affecting 790 patients following two phishing attacks targeting employee email accounts. The incidents, discovered through staff reports, involved deceptive emails attempting to harvest sensitive credentials but did not compromise medical records systems. The organization confirmed the breach was confined to email accounts without infiltration of broader healthcare data repositories.
Description
On June 7 and June 14, 2018, UPMC Cole experienced two separate phishing attacks targeting employee email accounts. The attacks involved external actors sending deceptive emails designed to appear as legitimate communications from trusted sources, a common tactic to trick recipients into revealing sensitive credentials. These emails contained links directing users to fraudulent login pages or counterfeit websites. Staff members detected the suspicious emails and reported them internally, prompting UPMC Cole to initiate an investigation into the scope and impact of the incidents. The organization confirmed that the phishing attempts were confined exclusively to compromised email accounts and did not extend to any medical records systems or clinical databases. No evidence suggested unauthorized access to patient treatment histories, diagnostic information, or other electronic health record components.

The investigation revealed that personal information belonging to 790 patients treated at UPMC Cole was potentially exposed through the breached email accounts. While specific data categories were not detailed in public disclosures, the notification emphasized the compromise involved personal information rather than medical data. Affected individuals received direct notifications from UPMC Cole advising them of the incident and outlining protective measures. The health system offered complimentary credit monitoring services to mitigate potential financial or identity theft risks stemming from the exposure. UPMC Cole reinforced its cybersecurity protocols following the incident, though no additional technical safeguards or procedural changes were publicly specified. The breach remained isolated to the email environment without further escalation or secondary system compromises reported.
