The data breach, revealed late last month, is just the latest in a string of data breaches at the hands of hackers who have managed to get past firewalls to access sensitive information and data. No one appears to be safe: governments, hospitals, healthcare providers - even vehicle operational systems integral to the safe operation of a vehicle, including engine, brakes and airbag systems - have all fallen into the hands of hackers of late.
The UCLA Health System breach affects as many as 4.5 million patients. What’s even worse - and likely a deciding factor in the launching of a UCLA cyber attack lawsuit - is an accompanying revelation that UCLA had failed to properly encrypt the data. Security experts and patient advocates are beside themselves with disgust over that one.
“These breaches will keep happening because the healthcare industry has built so many systems with thousands of weak links,” said Dr. Deborah Peel, founder of Patient Privacy Rights in Austin, Texas, in comments published in the Los Angeles Times (7/18/15).
For its part, UCLA is scrambling to try and shore up its reputation, if not its firewall systems. “We take this attack on our systems extremely seriously,” said Dr. James Atkinson, interim president of the UCLA Hospital System, in comments published in the Los Angeles Times. “For patients that entrust us with their care, their privacy is our highest priority. We deeply regret this has happened.”
That’s a hard statement to swallow relative to headlines such as UCLA Health Facing Data Breach Class-Action lawsuit. But of course they are facing a lawsuit, and will likely be facing more as consumers and Americans in general become increasingly jaded at the prospects of sensitive information falling into the wrong hands. Given the capacity for hackers to keep up with and somehow defeat seemingly impenetrable firewalls and encryptions, consumer advocates remain in disbelief at revelations that keepers of such sensitive data have apparently failed to follow even basic encryption protocols, or so it is alleged.
UCLA says that there was no evidence after the breach was discovered that data had actually been taken, but could not say for sure as the investigation into the UCLA identity theft continues. So far, it has been revealed that UCLA Health had detected “unusual activity” on one of its servers last October, and brought in the FBI (Federal Bureau of Investigation) to help investigate.
The hack wasn’t discovered until May 5 of this year.
Meanwhile, data breaches appear to have prompted some to recommend extraordinary cautions. Just this past Thursday, July 30, the Attorney General for the State of Indiana urged every single resident of the state to completely freeze their credit. This came after Medical Informatics Engineering (MIE) and subsidiary NoMoreClipboard revealed a breach last week affecting 3.9 million Americans.
According to various sources, the breach hit 11 MIE healthcare provider clients and 44 radiology centers and is said to have compromised Social Security numbers, lab results, medical conditions and health plan information for about 1.5 million citizens of Indiana.
“We are faced with yet another massive data breach putting countless Hoosiers at risk of identity theft and fraud,” Attorney General Greg Zoeller said, in a statement. “People cannot sit back and assume they won’t become a victim of these crimes which are costly, time consuming to fix and can have a long-term impact on your financial stability and credit.”
The UCLA identity theft was bigger.
Are Americans getting pissed off? You bet they are. Hence the UCLA lawsuit. And there will be more…