In May 2015, the UCLA Health System experienced a significant data breach, where hackers potentially accessed and copied a database containing sensitive information of patients and hospital staff members. The breach was believed to be the work of criminal hackers, and UCLA Health worked with the FBI and private computer forensic experts to further secure their network servers.

How many accounts were compromised?

The breach compromised data of approximately 4.5 million individuals.

What data was leaked?

The data exposed in the breach encompassed health records, Social Security numbers, addresses, dates of birth, medical diagnoses, and treatment information, along with names and contact details of patients and hospital staff members.

How was UCLA Health hacked?

In the UCLA Health cyber attack, hackers accessed parts of the computer network containing personal and medical information of up to 4.5 million individuals. The attackers potentially had access to these parts of the network as early as September 2014. The breach led to a $2 million class-action lawsuit settlement in 2019.

UCLA Health's solution

In response to the hack, UCLA Health took several measures to secure its platform and prevent future incidents. They engaged the services of leading cyber-surveillance and security firms to actively monitor and protect their network, and expanded their internal security team. UCLA Health also collaborated with the FBI and private computer forensic experts to further secure information on network servers. To regain the trust of patients and stakeholders, the health system invested $5.5 million in new network security improvements and worked with leading experts to enhance preparedness against cyberattacks. Additionally, UCLA Health notified affected individuals and offered them 12 months of identity theft recovery and restoration services, as well as additional health care identity protection tools.

How do I know if I was affected?

UCLA Health notified affected individuals about the breach and offered them identity theft recovery and restoration services. If you believe you may have been affected by the UCLA Health breach but did not receive a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

1. Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

3. Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.

4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform.

For more specific help and instructions related to UCLA Health's data breach, please contact UCLA Health IT Support directly.

Where can I go to learn more?

If you want to find more information on the UCLA Health data breach, check out the following news articles:

• UCLA Health Victim of a Criminal Cyber Attack

• UCLA Health System Hacked: 4.5 Million Patient Records Exposed

• UCLA will pay $7.5 million in claims, cyber enhancements to settle 2015 breach