UCLA Health announced on Friday that attackers accessed parts of its network containing personal and medical information on as many as 4.5 million individuals.
According to a release posted to the website, UCLA Health detected suspicious activity on its network on October 2014, and determined on May 5 that attackers accessed parts of the network containing information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information.
“At this time, there is no evidence that the attacker actually accessed or acquired individuals' personal or medical information,” the release said, adding access to these parts of the network may have been gained as early as September 2014.
UCLA Health has engaged the services of security firms and is expanding its internal security team. All potentially affected individuals are being notified and offered identity protection services.