UCLA Health Cyberattack Leaves Over 4 Million Customer Records Exposed

Information systems of the health division of the University of California, Los Angeles (UCLA) was hit by a “criminal cyberattack,” according to a statement by the hospital issued on Friday.

According to the UCLA Health statement, the cyberattack exposed “parts of the computer network that contain personal and medical information.”

“UCLA Health estimates that data on as many as 4.5 million individuals potentially may have been involved in the attack, believed to be the work of criminal hackers.”

The UCLA Health cyberattack left personal information, including Social Security numbers and medical information of over 4 million of UCLA Health’s patients, exposed.

The statement was published after UCLA Health and the FBI conducted an investigation on a possible cyberattack on UCLA Health’s network in October of last year, suggesting that the cyberattack was the work of several months.

“Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014,” the UCLA Health statement continued.

Although UCLA Health could not determine whether the personal information was actually accessed during the cyberattack, it has decided to offer its patients a year of extra data security and maintenance services and plans on expanding its internal security team to combat any potential future cyberattack.

The UCLA Health cyberattack is just one of many other cyberattack incidents on information systems of other health-related organizations.

According to ZDNet, health insurance company Anthem faced a cyberattack earlier this year that resulted in records of about 80 million of its subscribers exposed. ZDNet also stated thatmultinational financial services company JPMorgan also suffered massive cyberattack that exposed millions of records.

NPR reported that in March 2015, up to 11 million customer records of another health insurance giant, Premera Blue Cross, were also exposed as a result of a sophisticated cyberattack. The cyberattack on Premera Blue Cross was also a work of several months that seems to have started in December 2013.

CVS pulled its online photo service offline after it also was hit by a cyberattack, according to Reuters. Instead of the online services, CVSphoto has posted a statement explaining the incident.

Cardiologist and Medscape editor-in-chief Eric Topol tweeted a chart showing the shocking number of cyberattack incidents on medical data since April 2008.

Apart from the UCLA Health cyberattack, major system failures, including a recent New York Stock Exchange (NYSE) system failure, have also exposed the vulnerability modern information systems face. How worried are you about internet security in the face an even larger cyberattack?

[Photo by Mel/Getty Images]