North Los Angeles County Regional Center Targeted by Ransomware

There is currently no evidence of identity theft or fraud in relation to this incident.

By HFT Staff


On November 28, 2024, North Los Angeles County Regional Center (NLACRC) discovered suspicious activity on their systems with indicators consistent with a ransomware event. They immediately began an investigation and took steps to contain the situation. This included notifying federal law enforcement and engaging cybersecurity and privacy professionals to assist 

Currently, the investigation found evidence of unauthorized activity within NLACRC computer systems on November 20, 2024, through December 1, 2024, and took a copy of some information before encrypting or encoding certain computer systems to render them inaccessible. The investigation determined that some personal information was copied from their systems. There is currently no evidence of identity theft or fraud in relation to this incident. 

Based on the current findings of the investigation, the following types of information for clients may have been impacted: first and last names, addresses, dates of birth, telephone numbers, social security numbers, email addresses, financial account information, payment card information, health plan numbers, health plan beneficiary numbers, health insurance information, full-face photos and/or comparable images, UCI and patient ID numbers (unique identifying number or code generated by us for you), medical information, lab results, medications, diagnosis and/or treatment information, treatment cost information, disability codes, and certificate/license numbers.  

These are general categories of information that NLACRC believe may be present within the affected systems and may have been accessed by the unauthorized actor during the incident. However, specific individuals and the extent of the information accessed are not yet known. While the investigation is ongoing, they are providing this notice to all individuals who may potentially be affected by this situation.  

Upon becoming aware of the Incident, NLACRC immediately took steps to further improve the security of their systems and practices. This included enhancing their monitoring processes for increased protection from cybersecurity threats, changing passwords and strengthening password practices. After determining that an unauthorized actor gained access to their systems, they immediately began analyzing available information to confirm the identities of potentially affected individuals and notify them 

NLACRC added further technical safeguards to their existing protections and brought systems back online as quickly and securely as possible. They continue to work with leading privacy and security firms to aid in their response, and they have reported this incident to relevant government agencies. 



January 23, 2025


Topic Area: Information Technology , Security


Recent Posts

The Effect of Over-Cleaning on Human Health

Environmental services managers should be concerned and informed about the oral and dermal toxicity of all chemicals used in their facilities.


Rumored Terror Threat to Hospitals Prompts FBI Warning

Despite no threat, healthcare facilities are urged to review emergency preparedness protocols.


Ground Broken on New Johns Hopkins All Children's Hospital

The new 56-bed hospital will be on a 112-acre site in Wesley Chapel.


States Move Forward to Better Protect Senior Citizens

Senior citizens are among the most vulnerable population and require a certain level of care. States are trying to protect them.


Archer and REDA to Transform Newport Beach Building into Outpatient Center

Groundbreaking on the Newport Irvine Medical Center is scheduled for June 2025.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.