UCLA Health victim of a criminal cyber attack
UCLA Health announced it was a victim of a criminal cyber attack. While the attackers accessed parts of the computer network that contain personal and medical information, UCLA Health has no evidence at this time that the cyber attacker actually accessed or acquired any individual’s personal or medical information.
UCLA Health estimates that data on as many as 4.5 million individuals potentially may have been involved in the attack, believed to be the work of criminal hackers. UCLA Health is working with investigators from the Federal Bureau of Investigation, and has hired private computer forensic experts to further secure information on network servers.
“We take this attack on our systems extremely seriously,” said Dr. James Atkinson, the interim associate vice chancellor and president of the UCLA Hospital System. “Our patients come first at UCLA Health and confidentiality is a critical part of our commitment to care. We sincerely regret any impact this incident may have on those we serve. We have taken significant steps to further protect data and strengthen our network against another cyber attack.”
UCLA Health detected suspicious activity in its network in October 2014, and began an investigation with assistance from the FBI. At that time, it did not appear that the attackers had gained access to the parts of the network that contain personal and medical information. As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the UCLA Health network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.
At this time, there is no evidence that the attacker actually accessed or acquired individuals’ personal or medical information. Because UCLA Health cannot conclusively rule out the possibility that the attackers may have accessed this information, however, individuals whose information was stored on the affected parts of the network are in the process of being notified.
To reduce risk, UCLA Health is offering all potentially affected individuals 12 months of identity theft recovery and restoration services as well as additional health care identity protection tools. In addition, individuals whose Social Security number or Medicare identification number was stored on the affected parts of the network will receive 12 months of credit monitoring. These services are being provided to affected individuals at no cost.
In today’s information security environment, large, high-profile organizations such as UCLA Health are under near-constant attack. UCLA Health identifies and blocks millions of known hacker attempts each year. In response to this attack, however, we have engaged the services of leading cyber-surveillance and security firms, which are actively monitoring and protecting our network. We have also expanded our internal security team. These are just a few of the important measures we are taking to help protect against another cyber attack.
UCLA Health is sending letters to affected individuals with details on how to access the identity theft and restoration services, which individuals will receive over the next few weeks, and has established a website for patients that may have been impacted (www.myidcare.com/uclaprotection). Patients with questions about the matter can contact a UCLA Health representative via a special hotline at 877-534-5972, Monday through Friday from 6AM to 6PM. (Pacific Time).