Hackers Breach UCLA Server and Swipe Anthem Medicare Customer Info

It's never a boring week in ThreatWatch, Nextgov's regularly updated index of cyber incidents. 

UCLA Notifies 32,000 Students of Cyberattack

The University of California, Los Angeles recently reported a cyberattack on a server that contained the personal information of about 32,000 students.

The university detected unauthorized access to a Summer Sessions & International Education Office server on May 18 and started notifying potentially impacted students when the forensics “could not rule out all risk to the personal information on the server,” according to a university statement.

The server housed personal information including names, birthdates, Social Security numbers, health insurance IDs and some medical information supplied by the students like whether they have allergies or are taking medication. The attack affects students who provided information before April 13, 2016.

“Extensive forensic analysis of the attack does not show that the attacker actually accessed or acquired any personal information on the server,” the university said. However, it will offer students one year of free credit protection and suggests they monitor their credit and debit statements.  

18,500 Anthem Customers Exposed by Contractor 

More than 18,500 customers’ personal data may have been exposed by an Anthem contractor, CNBC reported.

An employee emailed a file with Anthem customers’ information to his personal email address, the consulting firm LaunchPoint Ventures discovered, according to the report. LaunchPoint was investigating the employee for identity theft at the time, CNBC reported.

The emailed data included protected health information, primarily Social Security and Medicare identification numbers. LaunchPoint notified Anthem June 14; Anthem notified the Department of Health and Human Services July 24.

“LaunchPoint has terminated the employee, hired a forensic expert to investigate, and is working with law enforcement,” a company statement said. “LaunchPoint is reinforcing existing policies and protocols and is evaluating additional safeguards to prevent any similar incidents from occurring in the future.”

The company is offering victims two years of credit monitoring and identity theft restoration services.