IT Outage Updates

Notice of a Cybersecurity Event

The Texas Tech University Health Sciences Center and Texas Tech University Health Sciences Center El Paso (collectively “the HSCs”) are providing notice of a recent incident which may impact the information of certain individuals. This notice explains the incident, the measures taken to address it and the steps potentially affected individuals can take in response.

 

In September 2024, the HSCs identified issues that resulted in a temporary disruption to some computer systems and applications. Immediately after identifying these issues, the HSCs took steps to ensure the security of the network and began an investigation. The investigation confirmed that a cybersecurity event caused the technology issues, resulting in access to or removal of certain files and folders from the HSCs’ network between September 17 and September 29, 2024. As a result, the HSCs conducted a detailed review of the systems involved to determine what information they may contain and to whom it belongs. The information varies by each individual, but may include name, date of birth, address, driver’s license number, government-issued identification number, financial account information, health insurance information and medical information, including medical records numbers, billing/claims data and diagnosis and treatment information.

 

The HSCs are in the process of notifying individuals whose information may be involved in this incident. Out of an abundance of caution, as part of the direct notification the HSCs are providing potentially affected individuals with access to complimentary credit monitoring services. Individuals seeking additional information about this event can contact the toll-free dedicated assistance line at 1-866-902-1996 available Monday through Friday from 7 a.m. to 7 p.m. Mountain Time, excluding major U.S. holidays.

 

To help prevent a recurrence, the HSCs are reviewing existing security policies and procedures as part of the investigation and are implementing additional safeguards to enhance system protection and monitoring.

 

Individuals whose information may be affected by this incident are encouraged to remain vigilant against identity theft and fraud, review account statements and monitor their credit reports, as well as health care and health insurance billing statements, for suspicious activity or errors.

 

Additionally, under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian and TransUnion. To order a free credit report, visit www.annualcreditreport.com or call toll-free 1-877-322-8228. Individuals may also directly contact the three major credit reporting bureaus listed below to request a free copy of their credit report. 

 

Individuals have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a one-year alert placed on an individual’s credit file. Upon seeing a fraud alert display on an individual’s credit file, a business is required to take steps to verify the individual’s identity before extending new credit. If individuals are the victim of identity theft, they are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should individuals wish to place a fraud alert, please contact any of the three major credit reporting bureaus listed below.

 

As an alternative to a fraud alert, individuals have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the individual’s express authorization. The credit freeze is designed to prevent credit, loans and services from being approved in an individual’s name without consent.  Individuals should note that placing a credit freeze to control access to their credit report may delay, interfere with or prevent timely approval of new credit applications, loans, mortgages or similar accounts. Pursuant to federal law, individuals cannot be charged to place or lift a credit freeze on their credit report. To request a credit freeze, individuals may need to provide some or all of the following information:

 

1. Full name (including middle initial as well as Jr., Sr., II, III, etc.);
2. Social Security number;
3. Date of birth;
4. Addresses for the prior two to five years;
5. Proof of current address, such as a current utility bill or telephone bill;
6. A legible photocopy of a government-issued identification card (state driver’s license or ID card, etc.); and
7. A copy of identity theft documentation (e.g. a police report, investigative report or complaint to a law enforcement agency)

 

Should individuals wish to place a credit freeze or fraud alert, please contact the three major credit reporting bureaus listed below:

 

Equifax	Experian	TransUnion
https://www.equifax.com/personal/credit-report-services/	https://www.experian.com/help/	https://www.transunion.com/credit-help
1-888-298-0045	1-888-397-3742	1-800-916-8800
Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069	Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013	TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016
Equifax Credit Freeze, P.O. Box 105788 Atlanta, GA 30348-5788	Experian Credit Freeze, P.O. Box 9554, Allen, TX 75013	TransUnion Credit Freeze, P.O. Box 160, Woodlyn, PA 19094

 

Individuals may further educate themselves regarding identity theft, fraud alerts, credit freezes and the steps they can take to protect their personal information by contacting the consumer reporting bureaus, the Federal Trade Commission (FTC) or their state Attorney General. The FTC may be reached at: 600 Pennsylvania Avenue NW, Washington, D.C. 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The FTC also encourages those who discover that their information has been misused to file a complaint with them. Individuals can obtain further information on how to file such a complaint by way of the contact information listed above. Individuals have the right to file a police report if they experience identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, individuals will likely need to provide some proof that they have been a victim. Instances of known or suspected identity theft should also be reported to law enforcement and the relevant state Attorney General.