LOS ANGELES ― A months-long cyberattack on the University of California, Los Angeles hospital system put at risk the personal information for up to 4.5 million people, officials said Friday.
UCLA Health said in a statement that, while there’s no evidence hackers acquired personal or medical data, it can’t be ruled out yet.
Officials said they were working with the FBI to track the source of the attacks.
The FBI said in a statement that the agency was looking into the nature and scope of the cyberattack, as well as the person or group responsible.
University of California President Janet Napolitano ordered an outside cybersecurity group to assess the computer security system throughout the UC system and look for potential vulnerabilities.
Beginning as early as September 2014, hackers accessed a UCLA Health network that contains “personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information,” the UCLA statement said.
UCLA Health has hired private computer forensic experts to further secure information at its four hospitals. Free identity-protection services will be offered to people who may have been affected.
