As many as 4.5 million people may have had their personal information accessed by "criminal cyber attackers", according to a news release sent out by UCLA Health Friday.
The prominent medical provider was clear to point out that although hackers accessed parts of the computer network that contained personal and medical information of patients and providers, it didn't have evidence attackers "actually accessed or acquired" that data.
"We take this attack on our systems extremely seriously," Dr. James Atkinson, the interim associate vice chancellor and president of the UCLA Hospital System, stated in the release. "Our patients come first at UCLA Health and confidentiality is a critical part of our commitment to care. We sincerely regret any impact this incident may have on those we serve. We have taken significant steps to further protect data and strengthen our network against another cyber attack."
Officials from UCLA Health first detected the suspicious activity in October 2014 and alerted the Federal Bureau of Investigation, but said evidence suggested hackers may have had access to patients' and providers' information as early as September 2014. A joint probe was launched and on May 5, officials from UCLA Health determined parts of the network containing personal and medical data was tapped by hackers.
The at-risk sensitive information included names, addresses, birth dates, Social Security numbers, medical records, and Medicare or health plan numbers.
UCLA Health is offering 12 months of identify theft recovery and restoration services for all those affected by the cyber attack. As well as a year of credit monitoring services for those whose Social Security number or Medicare ID number may have been put at risk.
It is also working with cyber-surveillance and security firms to monitor and protect its network in the future.
The potentially millions of at-risk people affected will receive letters over the next few weeks from UCLA Health informing them of the attack and information on how to access the identity and theft restoration services.
Anyone who believes they may have been impacted may go to www.myidcare.com/uclaprotection. Patients with questions are asked to call UCLA Health at 877-534-5972.
