Saturday, June 14, 2025, 6:56AM |  70°
MENU
NEWSLETTERS
U.S. Steel and Nippon can consummate their deal with national security agreement signed
Gerry Dulac: Sam Burns escapes Oakmont's wrath with historic Round 2, while world's best left reeling
Despite USGA objections, some Oakmont residents find an unofficial parking profit windfall
21 more Pa. Rite Aids to close and transfer prescriptions to Giant Eagle
Brandon McGinley: An encounter with greatness at Oakmont
Chris Dell's Round 3 U.S. Open betting guide: Buys, fades and best bet matchups using strokes gained data
Homepage
This Just In
Chats
Weather
Traffic
Event Guide
PG Store
RSS Feeds
PGe
The Digs
Video
Photos
21 more Pa. Rite Aids to close and transfer prescriptions to Giant Eagle
Gov. Josh Shapiro at Oakmont touts 'big, exciting things' lined up for Pennsylvania in 2026
Israel strikes Iran's nuclear sites and kills its top generals; Iran retaliates with missile barrage
Marines take over some security in L.A. while cities across US prep for 'No Kings' rallies
With ticks in their teeny-tiny nymph phase in Western Pa., now is the time to be extra vigilant with preventive measures
U.S. Steel and Nippon can consummate their deal with national security agreement signed
News Home
Crime & Courts
Politics
Education
Health & Wellness
Transportation
State
Nation
World
Weather News
Obituaries
News Obituaries
Science
Environment
Faith & Religion
Social Services
Pittsburgh Public parents search for new camps after Summer B.O.O.S.T. canceled
Despite USGA objections, some Oakmont residents find an unofficial parking profit windfall
Sam Burns, a hole-in-one and play suspended late on Day 2 of the U.S. Open at Oakmont
21 more Pa. Rite Aids to close and transfer prescriptions to Giant Eagle
With ticks in their teeny-tiny nymph phase in Western Pa., now is the time to be extra vigilant with preventive measures
With community support, Riley's Pour House in Carnegie is rebuilding
Local Home
City
Region
East
North
South
West
Washington
Westmoreland
Obituaries
Classifieds
Public Notices
Gerry Dulac: Sam Burns escapes Oakmont's wrath with historic Round 2, while world's best left reeling
Jason Mackey: Viktor Hovland has handled the bumps at Oakmont. Could a U.S. Open title be next?
Steelers defense trying to fix its ‘Baltimore problem’
Can Steelers' Aaron Rodgers be like Tom Brady, Peyton Manning and have success with a new team?
3 takeaways: 'Dirty work' from Isiah Kiner-Falefa vaults Pirates to a win; Paul Skenes takes no decision
Chris Dell's Round 3 U.S. Open betting guide: Buys, fades and best bet matchups using strokes gained data
Sports Home
Steelers
Penguins
Pirates
2025 U.S. Open
Sports Columns
Gene Collier
Jason Mackey
Joe Starkey
Paul Zeise
Pitt
Penn State
WVU
North Shore Drive Podcast
Riverhounds
Sports Betting
Fantasy Football
NFL
NHL
MLB
NBA
NCAA
College Sports
High School Sports
Brandon McGinley: An encounter with greatness at Oakmont
Dennis Jett: Donald Trump is selling more ambassadorships than normal
Stephen L. Carter: In fighting the press, Donald Trump continues what John Adams and Abraham Lincoln started
Jeff Meyerl: Free hunters to hunt on Sundays
Philip Martell: Cyber Charter funding is draining our schools
Editorial: Beyond Oakmont, Pittsburgh is a great golf town for everyone
Opinion Home
Editorials
PG Columnists
Special to the PG
Insight
Letters
Op-Ed Columns
Review: What does the death of a dictator sound like? The Pittsburgh Symphony closed its season with a blast of Shostakovich
Wayne Lewis, singer with R&B group Atlantic Starr, dies at 68
Douglas McCarthy, singer for electronic group Nitzer Ebb, dead at 58
Rapper Ye, formerly known as Kanye West, shows up for Sean 'Diddy' Combs' trial but can't get in
Review: 'Materialists' is an absorbing, transporting romantic comedy
How a T-shirt from tiny Avonworth ended up on HBO's 'And Just Like That...'
A&E Home
Celebrities
Movies
TV & Radio
Music
Concert Listings
Theater & Dance
Art & Architecture
Books
Events
Is there a more classic summer cocktail than gin and tonic?
Bees and visitors will be buzzing in this family's garden for this Mt. Lebanon tour
Shorty’s Pins & Pints to take over Voodoo Brewing on North Shore
‘Steel City Dog’ helping hot dog sales sizzle at U.S. Open
Steelers defense trying to fix its ‘Baltimore problem’
Buying Here: This mansion once owned by the Clark Bar's creator is listed for $3.5M
Life Home
Food
Dining
Recipes
Drinks
Buying Here
Homes & Garden
goodness
Random Acts of Kindness
Seen
Outdoors
Style & Fashion
Travel
Holidays
With community support, Riley's Pour House in Carnegie is rebuilding
U.S. Steel and Nippon can consummate their deal with national security agreement signed
Shorty’s Pins & Pints to take over Voodoo Brewing on North Shore
‘Steel City Dog’ helping hot dog sales sizzle at U.S. Open
Despite USGA objections, some Oakmont residents find an unofficial parking profit windfall
State tourism officials: In 2026, Pa. will be the 'epicenter of the sports world'
Business Home
Building PGH
Your Money
Business of Health
Powersource
Workzone
Tech News
Business / Law
Other Business
Consumer Alerts
Top Workplaces
MENU
SECTIONS
OTHER
CLASSIFIEDS
CONTACT US / FAQ
Advertisement

UPMC data breach could be part of a national scheme

UPMC data breach could be part of a national scheme

Health care providers across the nation have been targeted by cybercriminals
Pittsburgh Post-Gazette logo
Deborah M. Todd
Pittsburgh Post-Gazette
Apr 19, 2014
3:18 AM
0

The data breach that has compromised the personal information of thousands of UPMC employees and the tax returns of hundreds more could be part of a national scheme.

UPMC confirmed Thursday that a data breach thought to only affect a few dozen employees when announced in February has actually revealed the personal information of approximately 27,000 employees.

Among those employees, 788 have experienced some form of tax fraud and several others have had bank accounts wiped clean, according to Michael Kraemer, a Pittsburgh attorney who has filed a suit seeking class-action litigation against UPMC. The health care organization and its subsidiaries employ approximately 62,000 people.

Advertisement

Questions surrounding how the breach occurred and how long UPMC knew about it before alerting employees have yet to be answered, said Mr. Kraemer.

However, if UPMC were caught up in a scheme that has resulted in the filing of more than $1 million in fraudulent tax returns this year, the company may not have understood the full scale of the data breach until it was too late.

Brian Krebs, a former Washington Post cybersecurity reporter who operates the investigative blog KrebsonSecurity.com, said at least half a dozen health care providers across the nation have been targeted by cybercriminals hacking into third party vendors to access human resources or payroll records.

According to Mr. Krebs, individuals within the payroll or human resources department likely had their computers compromised by malware designed to steal their login and password credentials. Once cybercriminals had the credentials, they would access employees' W2 records through cloud-based third-party vendors that store payroll and personnel information. The criminals then use that information to file the false returns with online tax software.

Advertisement

Mr. Krebs uncovered the scam in March when he came across a Web-based control panel used by criminal gangs to track individuals whose data had been used to file false returns. So far, more than six health care companies have been affected. He did not directly investigate the UPMC incident and could not say for sure if it was affected by that particular breach.

The full report on the breach can be found at: krebsonsecurity.com/2014/04/crimeware-helps-file-fraudulent-tax-returns.

UPMC spokeswoman Gloria Kreps didn't immediately answer questions surrounding whether the organization was affected by the breach Mr. Krebs uncovered.

Once an organization discovers a common denominator is a third-party vendor, there's no quick way to find out every Social Security number that has been compromised.

"It's not like they can just call the IRS and ask them. If they're working with a third-party vendor, they need to work with them to find out which records were accessed and which employees are at risk," Mr. Krebs said.

Regardless of how far UPMC believed the investigation reached, Mr. Kraemer said erring on the side of caution could have saved employees thousands of dollars and weeks of grief. "The minute they confirmed there was a data breach, they should have mitigated the situation. A lot of people could have avoided problems if they knew to contact the IRS in advance to tell them to stop payment on the refund check," he said.

UPMC is encouraging all of its employees to notify their banks and check with the IRS to ensure they have not had fraudulent returns filed in their name. The company also is providing LifeLock identity protection free of charge to employees who enroll in the program by April 28.

To report suspected tax fraud to the IRS, call the Tax Fraud Hotline at 1-800-829-0433 or visit www.irs.gov/Individuals/How-Do-You-Report-Suspected-Tax-Fraud-Activity%3F.

First Published: April 19, 2014, 3:18 a.m.

RELATED
SHOW COMMENTS (0)  
Join the Conversation
Commenting policy | How to Report Abuse
If you would like your comment to be considered for a published letter to the editor, please send it to letters@post-gazette.com. Letters must be under 250 words and may be edited for length and clarity.
Must Read
Standing where Riley’s Pour House once served as Carnegie’s gathering spot, owner Joe Riley talks future plans on Tuesday, June 10, 2025. The pub was destroyed by fire in November, but Mr. Riley hopes to reopen in time for St. Patrick’s Day 2026.
local
With community support, Riley's Pour House in Carnegie is rebuilding
This is the Pittsburgh Steelers logo on the field at Acrisure Stadium before an NFL football game between the Pittsburgh Steelers and Cleveland Browns, Sunday, Dec. 8, 2024, in Pittsburgh.
sports
Two highly visible changes coming to Acrisure Stadium ahead of 2026 NFL draft
The house at 5435 Dunmoyle St., Squirrel Hill, was built in 1905.
life
Buying Here: This mansion once owned by the Clark Bar's creator is listed for $3.5M
From Our Sponsors
Sponsored
Sponsored
Sponsored
Partners
Advertisement
TRENDING
A man sits in golfcart advertising parking for $60 on private parking near Oakmont Country Club. Some residents are making thousands of dollars a day by letting people park on their lawns, for a fee.
1
business
Despite USGA objections, some Oakmont residents find an unofficial parking profit windfall
Fri, Jun 13, 2025, 8:22pm Joe Lister
Baltimore Ravens running back Derrick Henry, right, runs with the ball as teammate wide receiver Tylan Wallace, left, blocks Pittsburgh Steelers cornerback Donte Jackson during the first half of an NFL wild-card playoff football game, Saturday, Jan. 11, 2025, in Baltimore.
2
sports
Steelers defense trying to fix its ‘Baltimore problem’
Fri, Jun 13, 2025, 2:50pm Ray Fittipaldo
Protesters gather around the City-County Building in Downtown Pittsburgh during the "Hands Off!" nationwide protest on Saturday, April 5, 2025. The city is preparing for this weekend's planned "No Kings" demonstration, organized nationwide.
3
news
How Pittsburgh public safety leaders are preparing for 'No Kings' protests
Thu, Jun 12, 2025, 11:08pm Megan Guza
This is the Pittsburgh Steelers logo on the field at Acrisure Stadium before an NFL football game between the Pittsburgh Steelers and Cleveland Browns, Sunday, Dec. 8, 2024, in Pittsburgh.
4
sports
Two highly visible changes coming to Acrisure Stadium ahead of 2026 NFL draft
Fri, Jun 13, 2025, 2:26am Adam Babetski
Pittsburgh Pirates shortstop Isiah Kiner-Falefa makes a play against the Chicago Cubs during the eighth inning of a baseball game Friday, June 13, 2025, in Chicago.
5
sports
3 takeaways: 'Dirty work' from Isiah Kiner-Falefa vaults Pirates to a win; Paul Skenes takes no decision
Sat, Jun 14, 2025, 12:06am Colin Beazley
Advertisement
LATEST business
Advertisement
Pittsburgh skyline silhouette
Copyright © 1997-2025 PG Publishing Co. All rights reserved
TOP
Email a Story