Texas Tech University System data breach impacts 1.4 million patients

The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients.

The organization is a public, academic health institution that is part of the Texas Tech University System, which educates and trains healthcare professionals, conducts medical research, and provides patient care services.

The organization announced that, in September 2024, it suffered a cyberattack involving sensitive data theft.

“In September 2024, the HSCs identified issues that resulted in a temporary disruption to some computer systems and applications,” reads the notice.

“Immediately after identifying these issues, the HSCs took steps to ensure the security of the network and began an investigation. The investigation confirmed that a cybersecurity event caused the technology issues, resulting in access to or removal of certain files and folders from the HSCs’ network between September 17 and September 29, 2024.”

In a filing with the U.S. Department of Health and Human Services Office for Civil Rights, the Texas Tech University Health Sciences Center reports that the breach exposed the combined data of 1,465,000 people.

The information that may have been exposed to hackers varies by individual and may include the following:

• Full name
• Date of birth
• Physical address
• Social Security number
• Driver’s license number
• Government ID number
• Financial account information
• Health insurance information
• Medical information
• Billing/claims data
• Diagnosis and treatment information

Those who are confirmed to have been impacted will be notified by the organization and will be offered free credit monitoring services.

Impacted individuals are advised to remain vigilant against potential phishing and social engineering attacks, monitor their credit reports and health insurance billing statements, and report any suspicious activity to the authorities.

Interlock claimed the attack

The attack at Texas Tech University Health Sciences Center was claimed by Interlock ransomware on October 27, nearly a month after the healthcare and education institute reportedly blocked the hackers’ access to its systems.

The threat actors have leaked 2.1 million files totaling 2.6 TB of data allegedly stolen from HSCs, and the entire package is available for download from their extortion portal on the dark web.

Interlock is a recently launched ransomware operation that stands out for using an encryptor targeting FreeBSD servers, along with a Windows variant.

BleepingComputer has learned that Interlock demands ransom amounts ranging from hundreds of thousands of dollars to millions, depending on the size of the organization.