INDIANA — On Tuesday, Indiana University Health announced that a security breach had compromised some user data. However, the organization emphasized that sensitive financial information and Social Security numbers were unaffected.
The breach, which was discovered on October 18, stemmed from the possible compromise of an employee’s email account. IU Health confirmed that an investigation into the incident, conducted by an external forensics firm, revealed that unauthorized access to the email occurred between October 4 and October 18.
According to IU Health, the compromised data varies by individual but may have included personal details such as address, age, medical record number, diagnosis, or other limited treatment information. Social Security numbers and financial data were not part of the breach, the health organization assured.
“While there was no financial information or Social Security numbers impacted by this incident, as a precaution, we encourage affected individuals to remain vigilant and verify that anyone who is reaching out about personal and/or health information is a legitimate representative of the organization they say they are associated with,” IU Health said in a press release.
IU Health began immediately securing user accounts when the breach was identified. The organization began notifying affected individuals on December 17 and has set up a call center to address concerns. Individuals with questions can reach the dedicated support line at 1-844-920-8857 from 9 a.m. to 9 p.m., Monday through Friday.
IU Health urges individuals to remain cautious about unsolicited communication and verify the legitimacy of any outreach regarding their personal or health information. The organization continues to work on securing its systems and will provide updates as necessary.
