Bad news for nearly 5 million people who are patients or employees of UCLA's sprawling health care system: Hackers might have your private medical records. The health system said today that the sophisticated hack tapped into the network that contains personal and medical information, reports the Los Angeles Times. The good news is that authorities aren't sure the hackers actually stole people's information, only that it was exposed. The bad news is that if they did, that information includes names, addresses, Social Security numbers, insurance identification, and treatment records.
UCLA first noticed a breach in September 2014, but "at that time, it did not appear that the attackers had gained access to the parts of the network that contain personal and medical information," it says in a statement picked up by CNNMoney. The health system realized on May 5 that hackers had actually accessed computers with the sensitive records, though today's announcement comes more than two months after the revelation. It's offering those affected a year's worth of identify-theft protection.