Over 90 Total Lots Up For Auction at One Location - WA 04/08

Massive UCLA Health cyberattack may put millions of patient records at risk

by Thomas Dworetzky, Contributing Reporter | July 20, 2015
Business Affairs Risk Management
UCLA Health is the latest to fall victim to hackers in a cyberattack, which according to the FBI was perpetrated by highly sophisticated offshore thieves. Potentially as many as 4.5 million individuals' medical and personal records were at high risk.

“We take this attack on our systems extremely seriously,” said Dr. James Atkinson, the interim associate vice chancellor and president of the UCLA Hospital System, in a statement.

In an astutely proactive response and in an effort to ease concerns of patients whose information may have been accessed, the health system is offering 12 months of identity theft protection to potentially affected individuals, plus additional health care identity protection tools, it said in a statement. Beyond that, all who had Social Security or Medicare numbers on the system will get a year of credit monitoring.

“Our patients come first at UCLA Health, and confidentiality is a critical part of our commitment to care," noted Atkinson. "We sincerely regret any impact this incident may have on those we serve."

Hackers love getting their hands on medical records. Beyond Social Security and credit card information, the depth of data provides them with an extraordinary insight into potential victims lives — and thus greater opportunities to take advantage of them.

At present, it isn't clear, according to UCLA, the Federal Bureau of Investigation and private computer forensic experts that the access led to hackers making off with any data, according to Reuters.

UCLA Health first uncovered suspicious activity in its network in October 2014. It then brought in the FBI and started an urgent investigation.

In 2014, it seemed that UCLA had dodged the bullet and that the hackers had been unable to access personal and medical information.

The investigation continued, and on May 5, 2015, UCLA Health found that hackers had gained entry to parts of the network containing personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers, and some medical information.

Further network forensic analysis has suggested that, in fact, the thieves might have succeeded in penetrating those parts of the network that held that data as early as September 2014.

This network breach has led UCLA Health to ramp up its defensive efforts. "We have taken significant steps to further protect data and strengthen our network against another cyber attack,” stated Atkinson. Measures taken include hiring external cyber-surveillance and security firms to actively monitor its networks and step up protection measures. It has added staff to its internal security team as well, it reported.

This is just the latest massive health system hack recently. In February, Anthem, the second largest health insurer, experienced a large data intrusion. Last year hospital operator Community Health Systems had a similar hacking incident that compromised nearly 4.5 million records.

You Must Be Logged In To Post A Comment