North Los Angeles County Regional Center Targeted by Ransomware

There is currently no evidence of identity theft or fraud in relation to this incident.

By HFT Staff


On November 28, 2024, North Los Angeles County Regional Center (NLACRC) discovered suspicious activity on their systems with indicators consistent with a ransomware event. They immediately began an investigation and took steps to contain the situation. This included notifying federal law enforcement and engaging cybersecurity and privacy professionals to assist 

Currently, the investigation found evidence of unauthorized activity within NLACRC computer systems on November 20, 2024, through December 1, 2024, and took a copy of some information before encrypting or encoding certain computer systems to render them inaccessible. The investigation determined that some personal information was copied from their systems. There is currently no evidence of identity theft or fraud in relation to this incident. 

Based on the current findings of the investigation, the following types of information for clients may have been impacted: first and last names, addresses, dates of birth, telephone numbers, social security numbers, email addresses, financial account information, payment card information, health plan numbers, health plan beneficiary numbers, health insurance information, full-face photos and/or comparable images, UCI and patient ID numbers (unique identifying number or code generated by us for you), medical information, lab results, medications, diagnosis and/or treatment information, treatment cost information, disability codes, and certificate/license numbers.  

These are general categories of information that NLACRC believe may be present within the affected systems and may have been accessed by the unauthorized actor during the incident. However, specific individuals and the extent of the information accessed are not yet known. While the investigation is ongoing, they are providing this notice to all individuals who may potentially be affected by this situation.  

Upon becoming aware of the Incident, NLACRC immediately took steps to further improve the security of their systems and practices. This included enhancing their monitoring processes for increased protection from cybersecurity threats, changing passwords and strengthening password practices. After determining that an unauthorized actor gained access to their systems, they immediately began analyzing available information to confirm the identities of potentially affected individuals and notify them 

NLACRC added further technical safeguards to their existing protections and brought systems back online as quickly and securely as possible. They continue to work with leading privacy and security firms to aid in their response, and they have reported this incident to relevant government agencies. 



January 23, 2025


Topic Area: Information Technology , Security


Recent Posts

Sunflower Medical Group Facing Lawsuit Following January Data Breach

The lawsuit seeks a jury trial, damages, expanded credit monitoring services and security improvements at Sunflower Medical Group.


Nemours Children's Health Opens New Location in Lake Nona

The nearly 8,000-square-foot facility will increase access to primary and specialty care services.


Enhancing Safety at Hennepin Healthcare with a Screening System

Case study: The system was able to detect 2,500 risk items in less than five months.


Healthcare Workers Outside Butler Memorial Hospital for Increased Workplace Safety

The picketing comes as the nurses and other healthcare staff experience increasing incidents of workplace violence.


TriasMD Set to Open DISC Surgery Center at Carlsbad

With construction finished, it is now being equipped and staffed to take on its first cases.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.