University of California San Diego Health Data Breach – Class Action Investigation

Ahdoot Wolfson is interested in speaking with individuals who received a notice letter from the University of California San Diego Health confirming that their personal information was exposed during a recent data breach.  

UC San Diego Health confirmed on July 27, 2021 that highly sensitive information of patients, employees and others was potentially compromised from December 2, 2020 through April 8, 2021, according to a notice posted on the UC San Diego Health website. The notice indicates that the breach occurred via “unauthorized access to some employee email accounts” and officials confirmed that the incursion occurred after someone with a health system email account responded to a “phishing” attempt.

UC San Diego Health was alerted to “suspicious activity” in its digital systems on March 12, 2021, but did not confirm that protected health information had been compromised until May 25. An investigation has discovered that the accounts “contained personal information associated with a subset of our patient, student and employee community.” Data impacted and potentially stolen during the breach includes: full names, addresses, dates of birth, email addresses, fax numbers, claims information including dates and costs of care received, laboratory results, medical diagnoses and conditions, medical record numbers, prescription information, treatment information, Social Security numbers, government identification numbers, financial account numbers, student identification numbers, usernames and passwords.

UC San Diego Health’s failure to protect sensitive personal information may be a violation of data privacy and consumer protection laws. If you received a letter or other notification confirming that you have been impacted by the UC San Diego Health data breach, please fill out the form below and one of the attorneys at Ahdoot Wolfson will promptly contact you.