A ransomware attack targeting the Texas Tech University Health Sciences Center (TTUHSC) has compromised the personal and medical information of 1.4 million individuals.
The breach, which occurred between September 17 and September 29 2024, involved data exfiltration and significant disruptions to university systems.
According to TTUHSC, the stolen data includes names, Social Security numbers, addresses, dates of birth, government-issued ID numbers, financial account information, health insurance details and medical records such as diagnoses and treatments. The university is offering affected individuals free credit monitoring services and has urged vigilance against fraud.
Ransomware group Interlock has claimed responsibility, alleging the theft of 2.6TB of data. The group published a portion of the stolen files online, which reportedly include patient information, medical research and SQL databases.
The breach affected 650,000 individuals at TTUHSC’s Lubbock campus and 815,000 at its El Paso branch. As well as causing prolonged disruption to classes and patient services, communication systems, including the Texas Tech Physicians’ patient portal, were impacted.
TTUHSC's investigation revealed that attackers gained unauthorized access to its network, leading to a temporary shutdown of certain systems. Although Interlock claimed the attack in October, the university has not disclosed whether a ransom was paid.
Healthcare and Education Attacks on the Rise
The breach adds to a troubling trend of ransomware attacks on educational and healthcare institutions. According to Comparitech, this is the largest attack on a US university in 2024 by records compromised and the sixth largest on a healthcare organization this year.
Interlock is a newer ransomware group known for targeting sectors such as healthcare, government and manufacturing. Its operations often involve double extortion, combining data theft with threats to release sensitive information unless a ransom is paid.
Affected individuals are encouraged to monitor their credit reports, bank accounts and health insurance statements for unusual activity. TTUHSC has stated that it continues to work on securing its network while assisting impacted patients and staff.
Image credit: University of College / Shutterstock.com