UCLA Health has officially revealed that it has been a victim of a cyber attack – possibly a criminal one – wherein attackers may have stolen data of as many as 4.5 million individuals.
According to initial information, attacks may have had access to parts of the computer network that contained personal and medical information, through UCLA Health has no evidence that the cyber attacker(s) actually accessed or acquired any individual’s personal or medical information.
UCLA Health estimates that data on as many as 4.5 million individuals potentially may have been involved in the attack. UCLA Health is working closely with FBI and has also hired private computer forensic experts to further secure information on network servers.
“We take this attack on our systems extremely seriously,” said Dr. James Atkinson, the interim associate vice chancellor and president of the UCLA Hospital System. “Our patients come first at UCLA Health and confidentiality is a critical part of our commitment to care. We sincerely regret any impact this incident may have on those we serve. We have taken significant steps to further protect data and strengthen our network against another cyber attack.”
UCLA Health detected suspicious activity in its network in October 2014, and began an investigation with assistance from the FBI. At that time, it did not appear that the attackers had gained access to the parts of the network that contain personal and medical information. As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the UCLA Health network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.
At this time, there is no evidence that the attacker actually accessed or acquired individuals’ personal or medical information. Because UCLA Health cannot conclusively rule out the possibility that the attackers may have accessed this information, however, individuals whose information was stored on the affected parts of the network are in the process of being notified.
To reduce risk, UCLA Health is offering all potentially affected individuals 12 months of identity theft recovery and restoration services as well as additional health care identity protection tools. In addition, individuals whose Social Security number or Medicare identification number was stored on the affected parts of the network will receive 12 months of credit monitoring. These services are being provided to affected individuals at no cost.
In today’s information security environment, large, high-profile organizations such as UCLA Health are under near-constant attack. UCLA Health identifies and blocks millions of known hacker attempts each year. In response to this attack, however, we have engaged the services of leading cyber-surveillance and security firms, which are actively monitoring and protecting our network. We have also expanded our internal security team. These are just a few of the important measures we are taking to help protect against another cyber attack.