University of Utah Health Plans said some of its members were part of a data security incident associated with a vendor, TMG Health. Members who may have been affected have been notified. (Ben B. Braun, Deseret News)
Estimated read time: Less than a minute
SALT LAKE CITY — An unauthorized user accessed a file transfer server and downloaded files that may have contained information of some University of Utah Health Plan members, the university said on Friday.
The breach affected 3,914 plan members. A letter was sent to each of these members on Thursday letting them know their information may have been compromised.
The vendor associated with the MOVEit server, TMG Health, discovered the breach on June 21, but the downloads happened between May 30 and June 2, according to a statement. The user was blocked from all further access as soon as the breach was discovered, U. Health said.
U. Health Plans is working with TMG Health to prevent incidents in the future, and law enforcement is also investigating this incident, the statement said.
The organization is offering one year of complimentary personal identity and privacy protection monitoring to protect its members from adverse impacts due to the data breach.