The Texas Tech University Health Sciences Center (TTUHSC) and its El Paso branch recently experienced a significant cyberattack that disrupted critical systems and compromised sensitive data belonging to 1.4 million patients.
TTUHSC, a public academic health institution within the Texas Tech University System, focuses on educating healthcare professionals, conducting medical research, and delivering patient care services.
Details of the Cyberattack
According to the organization’s official notice, the cyberattack occurred in September 2024 and caused temporary disruptions to systems and applications.
“In September 2024, the HSCs identified issues that resulted in a temporary disruption to some computer systems and applications. Immediately after identifying these issues, the HSCs took steps to ensure the security of the network and began an investigation,” the notice states.
The investigation revealed that between September 17 and September 29, 2024, hackers gained unauthorized access to the network, resulting in the theft of files and folders containing sensitive data.
What Data Was Exposed?
The breach reportedly exposed the personal and medical information of 1,465,000 individuals, including:
- Full name
- Date of birth
- Physical address
- Social Security number
- Driver’s license number
- Government ID number
- Financial account details
- Health insurance information
- Medical records
- Billing and claims data
- Diagnosis and treatment details
Interlock Ransomware Claims Responsibility
The Interlock ransomware group took credit for the attack on October 27, 2024, about a month after TTUHSC successfully blocked further access to its systems.
Interlock claims to have stolen 2.6 TB of data, consisting of 2.1 million files and has made the entire data package available for download via its dark web extortion portal.
