UCLA health system hacked, 4.5 million people affected
HIM-HIPAA Insider, July 27, 2015
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Cyber criminals hacked into part of a computer network at UCLA Health System in California, compromising records of at least 4.5 million people, the university hospital system reported July 17.
There is no evidence yet the hackers obtained access to or acquired individuals’ PHI, although a statement from UCLA Health said the compromised areas of the network contain the following patient information:
- Names
- Addresses
- Birthdates
- Social Security numbers
- Medical record numbers
- Medicare or health plan numbers
The health system is working with the Federal Bureau of Investigation (FBI) and has also hired private computer forensic experts to secure information on network servers.
UCLA Health first detected suspicious activity on its network in October 2014 and began an investigation with the FBI, but it didn’t appear the attackers had gained access to personal or medication information at that time, according to the official statement.
It wasn’t until May 5 that investigators determined the hackers accessed parts of the network containing PHI, said UCLA Health, adding that evidence suggests the hackers may have been active as early as September 2014.
As the investigation continues, the health system is still in the process of notifying possible victims and is offering all 4.5 million people one year of free identity theft and restoration services as well as other healthcare identity protection tools. Additionally, one year of free credit monitoring will be offered to people whose Social Security number or Medicare number was potentially compromised.
“UCLA Health identifies and blocks millions of known hacker attempts each year. In response to this attack, however, we have engaged the services of leading cyber-surveillance and security firms, which are actively monitoring and protecting our network,” read the July 17 statement. “We have also expanded our internal security team. These are just a few of the important measures we are taking to help protect against another cyber-attack.”
In addition to sending letters to potential victims, the health system has also established a website at www.myidcare.com/uclaprotection with more details on how to access fraud detection and prevention services.
This article appeared on HCPro’s HIPAA Update blog. Stay up to date on all things HIPAA by signing up for e-mail updates from this blog.
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- The consequences of an incomplete medical record
- Practice the six rights of medication administration
- Nursing responsibilities for managing pain
- Q&A: Primary, principal, and secondary diagnoses
- Note similarities and differences between HCPCS, CPT® codes
- Skills of effective case managers
- Complications from immobility by body system
- Prevent dehydration with nursing interventions
- Implications of CMS Changes to H&P Requirements
- E-mailed
-
- Correctly bill ancillary bedside procedures in addition to the room rate
- The Cincinnati Pre-Hospital Stroke Scale
- Q: Will Medicare cover homecare services to residents of assisted living facilities (ALFs)?
- Q/A: Coding infusions to correct low potassium levels
- Q&A: Utilization Review Committee Membership
- OB services: Coding inside and outside of the package
- Know the medical gas cylinder storage requirements
- Intravenous therapy guidelines
- ICD-10-CM coma, stroke codes require more specific documentation
- Eight tips to improve MRI throughput
- Searched
-
- cold weather preparedness in hospital
- 99285 and 99285 with modifier 25
- Nursing home administrator
- 72 hour supervised fasting
- 5.If the ICD10CM replaces ICD9CM Volumes 1 and
- anesthesia code for 45331
- Dynaper
- evidencebased competency management INVALIDem
- g0260
- How to prevent hospitalacquired pressure ulcersinj