A devastating cyberattack has struck the Texas Tech University Health Sciences Center and its El Paso branch (HSCs), compromising sensitive medical and personal data of over 1.4 million patients.
The ransomware attack occurred on September 17 and was detected on September 29, resulting in unauthorized access to the healthcare system's computer networks and the theft of confidential patient information.
According to a filing with the U.S. Department of Health and Human Services Office for Civil Rights, the breach affected 1,465,000 individuals. The stolen data includes highly sensitive information such as:
- Names and addresses
- Dates of birth
- Social Security numbers
- Driver's license numbers
- Financial account details
- Health insurance information
- Medical records
- Billing data
- Diagnosis and treatment information
The attack has been attributed to a newer ransomware group called Interlock, known for targeting major organizations and demanding substantial ransoms. The group has already published 2.1 million files totaling 2.6 terabytes on its leak website.
In response to the major data breach, HSCs is strengthening its security infrastructure and offering free credit monitoring services to affected individuals. The healthcare system is also conducting a comprehensive review of its existing security protocols to prevent future incidents.
This attack represents one of the largest healthcare data breaches in recent U.S. history, highlighting the growing vulnerability of medical institutions to cyber threats and the increasing sophistication of ransomware operations.