Fierce Healthcare
July 17, 2015 | By Dan Bowman
A hack of UCLA Health's computer network may have compromised personal and medical information for as many as 4.5 million individuals, the health system said Friday. Names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information was put at risk, it said in an announcement.
The four-hospital system determined on May 5 that hackers accessed parts of its network; the investigation into the hack, which included participation from the FBI, began last October, when UCLA Health detected suspicious activity.
James Atkinson, interim associate vice chancellor and president of the UCLA Hospital System, said that the system has already taken "significant steps" to protect data and strengthen its network. UCLA is offering all those impacted by the breach 12 months of identity theft recovery and restoration services on top of other healthcare ID protection tools.
The health system also is working with "leading cybersurveillance and security firms" to monitor its network, and has expanded its internal security team.
"We take this attack on our systems extremely seriously," Atkinson said. "We sincerely regret any impact this incident may have on those we serve."
In an interview with the Los Angeles Times, Atkinson called the hackers "a highly sophisticated group, likely to be offshore."
The attack is the latest in a recent string of high-volume breaches. Health insurers Anthem and Premera Blue Cross discovered data breaches earlier this year, with the former's compromising the personal health information of 80 million customers. A hack of CareFirst announced in May also compromised information for roughly 1.1 million current and former consumers.
Last summer, a breach of Franklin, Tennessee-based Community Health Systems--which operates 206 hospitals in 29 states--also compromised information for about 4.5 million consumers.
Breaches have become so prevalent of late that the Blue Cross Blue Shield Association recently announced an initiative to offer identity protection services to all of its 160 million members preemptively. However, security expert Mac McMillan, chairman and cofounder of healthcare information security firm CynergisTek Inc., isn't sure the "generous" move goes far enough.
"The real problem here is trying to avoid having breaches in the first place," he toldFierceHealthPayer. "It's almost as if the presumption is there are going to be breaches, and therefore, they're just going to go ahead and offer the protection ahead of time."
Related Articles:
CareFirst hack compromises info for 1.1 million consumers
Premera says data breach may affect 11 million consumers
Cybersecurity: How health executives handle growing privacy threats [Special Report]
Anthem hack: Employee access, not encryption, the problem
8 best practices for payer data security
Security experts on Anthem breach: The biggest threat lurks inside your company
Anthem hack compromises info for 80 million customers
Community Health Systems hack compromises info for 4.5 million patients
BCBS Association's identity protection offer 'generous,' but does it go far enough?
Blue Cross Blue Shield Association to offer identity protection services to all 106M members
Thank You Mr Bowman and FH.
CareFirst hack compromises info for 1.1 million consumers
Premera says data breach may affect 11 million consumers
Cybersecurity: How health executives handle growing privacy threats [Special Report]
Anthem hack: Employee access, not encryption, the problem
8 best practices for payer data security
Security experts on Anthem breach: The biggest threat lurks inside your company
Anthem hack compromises info for 80 million customers
Community Health Systems hack compromises info for 4.5 million patients
BCBS Association's identity protection offer 'generous,' but does it go far enough?
Blue Cross Blue Shield Association to offer identity protection services to all 106M members
Thank You Mr Bowman and FH.
No comments:
Post a Comment
All standard cautions apply. Your milage may vary.
So Try to be an Adult, [no carpet F bombings, Pron, open threats, etc.] and not a Psychiatrist, about it. Google account, for now, is no longer required to comment, but moderation is in effect.