Hackers Target University of Miami Health System Patients

The university’s website said the hackers had accessed patient information from UHealth and were threatening to publish the stolen data if a ransom demand of $10 million in bitcoin was not met.

a hacker at a computer with lines of code in the foreground
Shutterstock/nuclear_lily
(TNS) — The University of Miami is investigating a possible data breach that could compromise information belonging to patients in the University of Miami Health System, UHealth, the university said in a statement.

The breach was part of a nationwide hack of Accellion, a third-party file-sharing system, according to Bleepingcomputer.com. In addition to the University of Miami, data was accessed from the University of Colorado as well as large corporations including the Kroger grocery store chain and Shell Oil Company.
 
The University of Miami’s website said the hackers accessed patient information from UHealth. The university has enlisted the help of “leading cybersecurity experts to assist with our investigation,” the statement said.
 
The website also reported a ransomware attack from a gang that demanded $10 million in bitcoin from the targeted institutions and threatened to publish the stolen data if the demand was not met. The report said the ransomware gang has already began posting data for students at Colorado, including grades and social security numbers.
 
The Miami Herald reported personal information on “a few dozen” UHealth patients was posted on the so-called dark web, a place frequented by hackers. The University of Miami student newspaper, The Miami Hurricane, said faculty was alerted to the breach in an email.
 
Here is the full statement from the university:
 
“The University of Miami is currently investigating a data security incident involving Accellion, a third-party provider of hosted file transfer services.
 
We take data security seriously and data protection is a top priority. As soon as we became aware of the incident, we took immediate action to investigate and contain it. We also retained leading cybersecurity experts to assist with our investigation. We have reported the incident to law enforcement and are cooperating with their investigation. Based on our investigation to date, the incident was limited to the Accellion server used for secure file transfers and did not compromise other University of Miami systems or affect outside systems linked to the University of Miami’s network.
 
We understand that the Accellion security incident affected multiple federal, state, local, tribal, and territorial government organizations, as well as private industry organizations and businesses including those in the medical, legal, telecommunications, finance, higher education, retail, and energy sectors.
 
While we believe based on our investigation to date that the incident is limited to the Accellion server used for secure file transfers, we continue to enhance our cybersecurity program to further safeguard our systems from cyber threats. We continue to serve our University community consistent with our commitment to education, research, innovation, and service."
 
©2021 the Sun Sentinel, Distributed by Tribune Content Agency, LLC.