Configuration Error at UNOS Results in Data Breach Affecting an Estimated 1.5 Million People

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On December 14, 2023, the United Network for Organ Sharing (“UNOS”) posted a website notice confirming that the organization experienced a “configuration error” that “may have permitted access by authorized users to some patients’ personal and health information.” In this notice, UNOS explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their Social Security numbers, dates of birth and medical information.

If you receive a data breach notification from United Network for Organ Sharing, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the United Network for Organ Sharing data breach. For more information, please see our recent piece on the topic here.

What Caused the United Network for Organ Sharing Data Breach?

The United Network for Organ Sharing data breach was only recently announced, and more information is expected in the near future. However, UNOS’s website notice provides some important information on what led up to the breach. According to this source, on December 14, 2023, UNOS posted a notice on its website indicating that the company was “investigating a configuration error that may have permitted access by authorized users to some patients’ personal and health information stored within two UNOS IT environments.”

Evidently, certain patient information was available to others in the organ transplant community. UNOS explained that the incident did not involve an unauthorized party breaching the company’s IT network. Rather, sensitive information was not kept secure, which exposed the data to unauthorized access.

After learning that sensitive consumer data was accessible to an unauthorized party, the United Network for Organ Sharing reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your Social Security number, date of birth and medical information. UNOS notes that names or addresses were not included among the compromised data.

On March 27, 2024, Senators Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) drafted a letter to UNOS seeking clarification on how UNOS identified the breach, what the cause of the breach was, the exact number of people affected, and details about the company’s response.

More Information About United Network for Organ Sharing

Founded in 1977 and based in Richmond, Virginia, the United Network for Organ Sharing is a private, non-profit organization and the sole government contractor that manages the nation's organ transplant system. Part of UNOS’ responsibilities include managing the national transplant waiting list. United Network for Organ Sharing employs more than 368 people and generates approximately $51 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Console and Associates, P.C.

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide