UCLA Health Hacked, 4.5 Million Victims
By Jose Pagliery
Hackers broke into the massive hospital network of the University of California, Los Angeles, accessing computers with sensitive records of 4.5 million people.
Names, medical information, Social Security numbers, Medicare numbers, health plan IDs, birthdays and physical addresses -- all were potentially stolen, according to the university.
That could affect anyone who has visited -- or works -- at the university's medical network, UCLA Health, which includes four hospitals and 150 offices across Southern California.
UCLA Health made this announcement on Friday -- two months after it discovered the extent of the data breach.
Evidence collected by UCLA Health indicates hackers slipped into computers in September 2014. The next month, university network alarms "detected suspicious activity," and UCLA Health called in the FBI for help.
"At that time, it did not appear that the attackers had gained access to the parts of the network that contain personal and medical information," UCLA Health said in a statement.
That changed on May 5, when UCLA claims it discovered hackers actually accessed computers with sensitive records.
The hospital group is now notifying staff and patients, offering them one year of identity theft recovery services.
When asked UCLA Health why it waited so long to make this public. A company representative, Tod Tamberg, said: "The process of addressing the technological issues surrounding this incident and the logistics of identifying and notifying the potentially affected individuals was time-consuming."
However, UCLA Health stresses it can't yet be sure that hackers actually accessed -- or stole -- the records themselves.
The FBI said it's currently trying to determine "the nature and scope" of the incident.
The UCLA Hospital System's president, Dr. James Atkinson, apologized to the public in a statement. The hospital group also noted it is under "near-constant attack" by hackers -- blocking "millions of known hacker attempts each year."
UCLA Health said the hack forced it to employ more cybersecurity experts on its internal security team, and to hire an outside cybersecurity firm to guard its network.
Hospitals, health insurance companies, and universities have all become a frequent target for hackers seeking massive databases of personal information. Profile data, Social Security numbers and health records sell on the black market. Illegal data brokers amass large databases of this stolen information, then sell access to identity thieves.
Health care tends to lose larger numbers of records. When insurance giant Anthem was hacked, up to 80 million records were stolen. The Premera health insurance hack hit 11 million people. Hackers also stole data on 4.5 million Community Health System patients.
Universities get slammed as well. Last year, hackers stole 310,000 University of Maryland records. This year, Auburn University exposed its students' Social Security numbers. North Dakota University, Butler University, and Indiana University have all exposed the private information of hundreds of thousands of students.
Articles in this issue:
- Study Confirms What We Knew All Along, Nurses Are Key To Hospital Success
- Nurses Face Death Anxiety From Work In Emergency Rooms
- 5 Things Labor Nurses Want You To Know
- A Plan To Improve Nurse And Patient Safety
- Specially Trained Nurses Help Put Rapists In Jail
- Industry Payments To Nurses Go Unreported In Federal Database
- UCLA Health Hacked, 4.5 Million Victims
Leave a Comment
Please keep in mind that all comments are moderated. Please do not use a spam keyword or a domain as your name, or else it will be deleted. Let's have a personal and meaningful conversation instead. Thanks for your comments!
In This Issue
Liz Di Bernardo