SALT LAKE CITY — The University of Utah is investigating a serious data breach.
According to Becker's Hospital Review, University of Utah Health in Salt Lake City reported the data breach to the Department of Health and Human Services on July 20.
Becker's said the email hack of the system affected the information of 10,000 patients.
In a separate news release Wednesday, the University of Utah said it is aware of a recent serious information security incident and is currently investigating. It's unclear if the security incident and the patient data breach are related. More information about the security incident will be distributed when it becomes available, according to the release.
As a precaution, staff, faculty, and students who are not University of Utah Health employees or Epic users will be required to change their uNID passwords by Wednesday, August 5, 2020.
Important note for U of U Health employees and Epic users: You should not change your uNID password at this time. Changing your password at this time could disable your ability to use the IT systems and applications you need to do your work. We will notify you when the password change requirement takes effect for you. In the meantime, other security safeguards are in place to protect your account and associated data.
Notes for main campus users:
- If you recently changed your uNID password (after Sunday, July 19, 2020) you do not need to change your password again before August 5.
- If your local IT support staff has asked for a delay implementing the password change requirement for your organization, they will contact you prior to July 29 and instruct you to refrain from changing your password at this time.
- After August 5, main campus users who have not changed their password will automatically be prompted to change it the next time they log in to a university system that requires uNID/CIS password authentication.
Main campus instructions for changing the uNID password prior to August 5, 2020:
- Important: To avoid being locked out of university IT systems, prior to starting the change process please log out of all university applications and services (e.g., Outlook and UConnect) on all computers and devices that automatically log in to university systems or services (or shut them down). This initial step will help prevent account lockout that may be caused as multiple computers/devices continue to attempt to log in using the old password.
- Review uNID password requirements and guidelines.
- Follow instructions to reset or change your uNID password.
If you’ve forgotten your uNID password and cannot log in to CIS, please visit this IT Knowledge Base article for instructions on how to reset it.
We encourage everyone, including U of U Health staff, to update their IT security questions and answers. Campus and U of U Health IT help desks rely on security profiles to verify user identities before making changes to accounts.
To update your security profile:
- In CIS, search for and select the "Change Your Security Information" tile.
- You will be prompted to select questions from the dropdown menus on security questions 1 and 2. Enter your corresponding answers in the empty fields and if necessary, make note of the answers for your records.
- Select the "Save" button.
If you have questions, your local IT support staff may be able to assist, or you may contact your respective central IT help desk:
801-581-4000 or firstname.lastname@example.org.