Security Breach Detected at University of Chicago Medical Center

A security breach was detected at the University of Chicago Medical Center (UCMC) on May 30, 2025. The attackers used Google Calendar as a command and control (C&C) method to orchestrate the attack. The detection of the intrusion was made possible through a defense-in-depth approach, which identified suspicious activities on the hospital's network. The impacts include the exfiltration of sensitive data, notably personal and medical information of patients. Technical details reveal that the attackers exploited an unspecified vulnerability to access internal systems.