On December 14, 2023, the United Network for Organ Sharing (“UNOS”) posted a website notice confirming that the organization experienced a “configuration error” that “may have permitted access by authorized users to some patients’ personal and health information.” In this notice, UNOS explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their Social Security numbers, dates of birth and medical information.
If you receive a data breach notification from United Network for Organ Sharing, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the United Network for Organ Sharing data breach. For more information, please see our recent piece on the topic here.
What Caused the United Network for Organ Sharing Data Breach?
The United Network for Organ Sharing data breach was only recently announced, and more information is expected in the near future. However, UNOS’s website notice provides some important information on what led up to the breach. According to this source, on December 14, 2023, UNOS posted a notice on its website indicating that the company was “investigating a configuration error that may have permitted access by authorized users to some patients’ personal and health information stored within two UNOS IT environments.”
Evidently, certain patient information was available to others in the organ transplant community. UNOS explained that the incident did not involve an unauthorized party breaching the company’s IT network. Rather, sensitive information was not kept secure, which exposed the data to unauthorized access.
After learning that sensitive consumer data was accessible to an unauthorized party, the United Network for Organ Sharing reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your Social Security number, date of birth and medical information. UNOS notes that names or addresses were not included among the compromised data.
On March 27, 2024, Senators Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) drafted a letter to UNOS seeking clarification on how UNOS identified the breach, what the cause of the breach was, the exact number of people affected, and details about the company’s response.
More Information About United Network for Organ Sharing
Founded in 1977 and based in Richmond, Virginia, the United Network for Organ Sharing is a private, non-profit organization and the sole government contractor that manages the nation's organ transplant system. Part of UNOS’ responsibilities include managing the national transplant waiting list. United Network for Organ Sharing employs more than 368 people and generates approximately $51 million in annual revenue.