UCLA Health Cyber Attack: A Cautionary Tale for Healthcare Organizations

In Healthcare, data security is critical. When the four-hospital UCLA Health System announced on July 17, 2015 that a staggering 4.5 million patients had their private health information and Social Security numbers compromised by hackers, it sent shock waves through the Health industry. This data breach was only the most recent in a growing list of major Healthcare providers that have been affected or targeted by large cyber-attacks.

The size of the UCLA breach was so significant that it has been put into the same group as the Anthem and Premera Blue Cross breaches last year, standing as the fourth biggest HIPAA breach ever reported.  The UCLA breach is just the most recent major cyber attack impacting the Healthcare industry in recent years.

Despite the fact that the actual damaging cyber attack occurred in September 2014, and was first detected by UCLA technicians in October 14, UCLA officials did not notify patients whose information had been compromised until the July 17 announcement date.

What was stolen?  Everything from medical diagnoses, diseases, clinical procedures, test results, addresses, and date of births to Social Security numbers were among the various types of data that was accessed by hackers in the cyber attack.

As UCLA Health officials highlighted in their statement accompanying the announcement of the breach, “large, high-profile organizations such as UCLA Health are under near-constant attack.” While cyber-security workers and companies hired to protect Healthcare organizations are able to prevent millions of hacker attempts, it only takes one successful, unnoticed breach to gain access to plethora of sensitive information.

UCLA Health’s response to this massive breach?  Augmenting its internal security team as well as contracting outside security firms to help monitor and better protect the UCLA Health network.  This is a move that more and more Healthcare organizations are making.  Patients are placing a growing importance on being able to trust that Healthcare organizations are able to protect the patient’s personal information.  As more breaches occur, Healthcare organizations are bulking up their security efforts in order to thwart hacker attempts, or at least diminish their impact.  What are you doing to secure your organization’s data and make sure you are not the next victim of a Healthcare hacker?

Gordian Dynamics understands the sensitivity and vulnerability of Healthcare IT systems. Gordian will work with your organization and ensure a proper analysis of your business’ data security is completed, identify the gaps and design a solution that ensures your data is safe.