UC San Diego Health says a phishing scheme has targeted its employees, compromising some patient data.
On Jan. 9, the health system learned that two employee email accounts were accessed by unauthorized users due to a phishing attack, according to a March 8 news release on UC San Diego's website.
The health system said after the breach it was able to secure the email accounts and launch an investigation into the incident. Through the investigation, UC San Diego Health learned that the unauthorized access occurred between Jan. 9 through Jan. 22 and that the hackers accessed information of patients in its lung transplant and rheumatology departments.
The compromised information includes patients' names, addresses, email addresses, dates of birth, medical record numbers, health insurance information, treatment cost information, and clinical information.
Some patients had their Social Security numbers compromised as well, according to the health system.
UC San Diego Health said it is mailing notification letters to all individuals whose information may have been involved.