UCLA Health Breach Exposes 4.5 Million Patients’ Medical Files


Late last week, UCLA Health – the Californian university’s hospital – announced it had suffered a cyber attack on its network, potentially exposing the personal and medical information of nearly 5 million patients.In a statement, the hospital said it had determined the attacker had accessed parts of the UCLA Health system, which contained names, addresses, dates of births, social security numbers, medical record numbers, insurance information, as well as patients’ medical conditions, procedures, test results and medications.“We have notified and are working with the Federal Bureau of Investigation regarding this cyber attack,” said UCLA Health. We continue to investigate the attack with help from third-party computer forensics experts. There are indications that the attacker may have had access to the UCLA Health network as early as September 2014. Our investigation is on-going.”The hospital noted that it has not found any evidence that the attacker actually accessed or acquired the personal or medical information on its network, but said it could not “conclusively rule out that possibility.”UCLA Health stated it is currently taking steps to protect data and has already made modifications to its network to help protect against future cyber attacks.“We take our responsibility to protect personal information entrusted to us very seriously,” added UCLA Health.According to reports, the hospital group has expanded its internal security team, and has engaged with a cybersecurity firm to actively monitor for signs of suspicious activity.Potentially affected individuals are in the process of being notified and are offered one free year of identity protection and credit monitoring services.“We recommend that potentially impacted individuals remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring credit reports,” said the hospital.

Leave a Reply