Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

October 28, 2021

UMass Memorial Health hacked, up to 210K patients impacted

Photo | Grant Welker UMass Memorial Medical Center's University Campus in Worcester, which is one of the hospitals under the UMass Memorial Health umbrella

UMass Memorial Health in Worcester has notified patients of a privacy incident last year potentially compromising personal data, in a notice distributed to those impacted by the data breach.

According to the U.S. Department of Health and Human Services Office for Civil Rights, which is tracking the incident, 209,048 people were impacted by the hack of employee emails.

After an investigation, it was determined that the unauthorized person accessed UMass Health’s email accounts between June 24, 2020 and Jan. 7, 2021, per the notice.

The breach was filed with the U.S. Department of Health and Human Services Office for Civil Rights on Oct. 15.

“The investigation was unable to determine whether the unauthorized person actually viewed any emails or attachments in the accounts. Out of an abundance of caution, we reviewed all of the emails and attachments contained in the email accounts to determine if they contained any patient or health plan participant information,” according to the notice.

The information included on the breached accounts included patient information such as names, dates of birth, medical record numbers, health insurance information, and clinical or treatment information, such as dates of service, provider names, diagnoses, procedure information, and/or prescription information. For health plan participants, the information involved included names, subscriber ID numbers, and benefits election information.

Social Security numbers and/or driver’s licenses may have also been involved for several individuals, according to the notice.

This incident did not affect all UMass Memorial patients or health plan participants; but only those whose information was contained in email accounts which had been accessed without authorization, per UMass Health.

Sign up for Enews

WBJ Web Partners

Related Content

1 Comments

Anonymous
October 28, 2021

I got a letter about this type of breach in 2020 and then I got the most recent letter a little more than a week ago. So, UMASS has been hacked at least twice in the last year, and our information has been compromised. I called the # listed in the letter to ask what was being done to make sure this would never happen again. I was told I would get a call back. It has been 5 days since that phone conversation and I have heard NOTHING from UMASS. I have no faith UMASS has any idea how to protect our private healthcare information.

Order a PDF