Relias Media - Continuing Medical Education Publishing

The trusted source for

healthcare information and

CONTINUING EDUCATION.

  • Sign In
  • Sign Out
  • MyAHC
    • Home
      • Home
      • Newsletters
      • Blogs
      • Archives
      • CME/CE Map
      • Shop
    • Emergency
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • Hospital
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • Clinical
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • All Access
      • Subscribe Now
      • My Subscription
    • My Account
      • My Subscriptions
      • My Content
      • My Orders
      • My CME/CE
      • My Transcript
    Home » UCLA Health targeted in cyber attack

    UCLA Health targeted in cyber attack

    September 1, 2015
    No Comments
    Reprints
    Facebook Twitter Linkedin Share Share

    Related Articles

    Special Report: The Uninsured - Many Californians lack health insurance for long periods, say UCLA researchers

    Expert says, 'Not so fast' on UCLA conclusions

    Bioterrorism Watch: Traumatized health care providers may need stress counseling in horrific aftermath of bioterror attack

    Related Products

    UCLA Health targeted in cyber attack

    Special Report: The Uninsured - Many Californians lack health insurance for long periods, say UCLA researchers | Single Article

    Bioterrorism Watch: Traumatized health care providers may need stress counseling in horrific aftermath of bioterror attack | Single Article

    The UCLA Health system in Los Angeles was the victim of a cyber attack involving the personal data of 4.5 million people recently, and it is facing two class-action lawsuits from those affected.

    Michael Allen, a UCLA Health patient, filed the lawsuit in U.S. District Court for the Central District of California after public reports said that UCLA Health System Auxiliary failed to have proper security measures in place to prevent the data breach. Most notably, it did not encrypt the data, according to reports. Another patient, Miguel Ortiz, filed a similar lawsuit. Both lawsuits make claims of breach of contract and negligence.

    The health system reported that it first saw unusual activity in a computer server in October 2014 but only confirmed the attack on May 5. An initial investigation suggested the attacker had access to the UCLA Health’s network since September 2014.

    The attack hit parts of UCLA’s network containing protected health information including names, addresses, birth dates, Social Security numbers, medical record numbers, health plan numbers, Medicare numbers, and some medical information.

    Security experts were critical that such a large health system would lack sophisticated defenses for its network. The lack of encryption was particularly surprising, says Adam Kujawa, head of Malware Intelligence at Malwarebytes Labs, the research arm of the anti-malware company in San Jose, CA. “A big problem with this attack, like the breach of Anthem, was a lack of encryption, and therefore security standards that need to be met,” he says. “While there are currently talks going on to create a nationwide security standard for all organizations that hold onto customer data, it might be a better solution to create a central authority for medical documents.”

    That authority could be queried and populated by individual hospitals, insurance companies, and other groups that require customer information, he explains. This information could be sent encrypted and held under a secure lock and key, which would make the breach of an individual organization less severe to the customers.

    “Either way, this is a clear sign of the importance of changing our current security standards across the board,” Kujawa says.

    SOURCE

    • Adam Kujawa, Head of Malware Intelligence, Malwarebytes Labs, San Jose, CA. Telephone: (800) 520-2796.

    Post a comment to this article

    Report Abusive Comment

    www.reliasmedia.com

    Healthcare Risk Management

    View PDF
    Healthcare Risk Management 2015-09-01
    September 1, 2015

    Table Of Contents

    Providers must tread carefully if patient objects to caregiver

    Healthcare Risk Management’ s Ebola coverage wins first place

    Nursing home bars black nurses, loses lawsuit

    New and increased liabilities emerging from Affordable Care Act

    Hospital investigating after ESPN publishes football player’s medical record

    Greater New York Hospital Association says no more reality television access

    Infant injured by an ‘old school’ trick that most hospitals and healthcare systems ban

    Sleep apnea can pose malpractice risk in surgery

    Work hour restrictions not improving safety

    UCLA Health targeted in cyber attack

    Research confirms ‘weekend effect’ on patient safety

    Physician not following through on proposed plan costs hospital $4.8 million

    Failure to transfer patient to a qualified facility results in $23 million jury verdict

    Clarification

    Begin Test

    Buy this Issue/Course

    Shop Now: Search Products

    • Subscription Publications
    • Books & Study Guides
    • Webinars
    • Group & Site
      Licenses
    • State CME/CE
      Requirements

    Webinars And Events

    View All Events
    • Home
      • Home
      • Newsletters
      • Blogs
      • Archives
      • CME/CE Map
      • Shop
    • Emergency
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • Hospital
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • Clinical
      • All Products
      • Publications
      • Study Guides
      • Webinars
      • Group Sales
    • All Access
      • Subscribe Now
      • My Subscription
    • My Account
      • My Subscriptions
      • My Content
      • My Orders
      • My CME/CE
      • My Transcript
    • Help
    • Search
    • About Us
    • Sign In
    • Register
    Relias Media - Continuing Medical Education Publishing

    The trusted source for

    healthcare information and

    CONTINUING EDUCATION.

    Customer Service

    customerservice@reliasmedia.com

    U.S. and Canada: 1-800-688-2421

    International +1-404-262-5476

    Accounts Receivable

    1-800-370-9210
    ReliasMedia_AR@reliasmedia.com

    Mailing Address

    • 1010 Sync St., Suite 100
      Morrisville, NC 27560-5468
      USA

    © 2021 Relias. All rights reserved.

    Do Not Sell My Personal Information  Privacy Policy  Terms of Use  Contact Us  Reprints  Group Sales

    For DSR inquiries or complaints, please reach out to Wes Vaux, Data Privacy Officer, DPO@relias.com

    Design, CMS, Hosting & Web Development :: ePublishing