Cyber Incident Victim: University of Utah
Date: Apr 2020
Location: United States of America
Summary
A phishing attack compromised employee email accounts at University of Utah Health, enabling unauthorized access to the accounts over several weeks. The breach potentially exposed sensitive patient information, prompting the organization to notify affected individuals. The incident involved malicious actors gaining entry through deceptive email schemes targeting staff members, leading to a risk of unauthorized data disclosure.
Description
Between April 6 and May 22, 2020, University of Utah Health experienced a security incident involving unauthorized access to employee email accounts. The breach occurred after employees fell victim to phishing schemes, which allowed attackers to compromise their credentials. Unauthorized actors accessed these accounts intermittently over the six-week period, though the exact number of compromised accounts was not disclosed. The university did not specify whether the phishing attacks involved malicious links, attachments, or other deceptive tactics. No evidence indicated that electronic health record systems or other clinical databases were directly breached during this incident. The organization identified the intrusion through unspecified security monitoring processes but did not publicly disclose the exact date of discovery.

University of Utah Health initiated patient notifications by June 5, 2020, alerting individuals that their protected health information may have been exposed in the email account breaches. The notifications did not quantify the number of affected patients or specify the types of data potentially accessed, though typical email account contents could include names, treatment details, and insurance information. No ransomware deployment or data destruction was reported in connection with the incident. The university implemented standard breach response protocols, including securing the affected accounts and investigating the scope of exposure. No additional corrective actions or security upgrades were detailed in the available public reporting. The incident remained under investigation at the time of public disclosure, with no subsequent updates on regulatory findings or attacker attribution.
