Source: Kirby Lee via Alamy Stock Photo

NEWS BRIEF

Texas Tech University's Health Sciences Centers (HSCs) in Lubbock and El Paso are the latest victims of a disruptive cyberattack. The incident impacted the data of 1.4 million patients, exposing a treasure trove of valuable information that could be used for convincing follow-up social engineering attacks, identity theft, and more.

The attackers had access to the university's medical environments between Sept. 17 and 29, during which time they made off with "certain files and folders from the HSCs' network," according to a website notice.

Cyberattackers Steal Reams of Sensitive Patient Data

The folders contained patient names, dates of birth, Social Security numbers, driver's license numbers, financial data, medical information, billing and insurance data, medical records numbers, and more.

"The health and social-care sector has always been a popular target for cybercriminals," Brian Higgins, security specialist at Comparitech, said via email. "The combination of plentiful data points along with the often very sensitive nature of some of the information serves not only to add increased pressure on breached organizations to settle any ransom demands, but also to render individual client-side victims more susceptible to follow-up attacks seeking password or logon access and other personal information."

Related:Microsoft Teams Vishing Spreads DarkGate RAT

In October, a ransomware group called Interlock claimed to be behind the hack, saying that it stole 3.2 terabytes of data from the Red Raiders.

"The group posted images of what it says are stolen documents on its leak site," Paul Bischoff, consumer privacy advocate at Comparitech, said via email. "TTHUSC hasn't verified that claim, but no other groups have claimed responsibility at this time. Interlock is a new ransomware gang that first started adding targets to its leak site in October. This was one of the biggest medical data breaches of 2024."

Texas Tech's Block & Tackle Incident Response

For its part, the school is offering somewhat boilerplate information: "The HSCs are in the process of notifying individuals whose information may be involved in this incident," according to the notice, which added that free credit monitoring is available. "To help prevent a recurrence, the HSCs are reviewing existing security policies and procedures as part of the investigation and are implementing additional safeguards to enhance system protection and monitoring."

It also noted that affected individuals should monitor their credit reports and bank accounts for evidence of identity theft and fraud, review account statements, and scrutinize health care and health insurance billing statements for suspicious activity or errors.

Related:'Dubai Police' Lures Anchor Wave of UAE Mobile Attacks

"One can only hope that Texas Tech will offer a decent level of security mitigation measures … to try to alleviate what is an incredibly stressful situation for all involved," Higgins noted. "It's reasonable, after so many documented attacks, that users should expect high-risk sectors to harden, but that doesn't seem to be happening with the force and frequency necessary to combat the threat."