On November 28, 2024, North Los Angeles County Regional Center (NLACRC) discovered suspicious activity on their systems with indicators consistent with a ransomware event. They immediately began an investigation and took steps to contain the situation. This included notifying federal law enforcement and engaging cybersecurity and privacy professionals to assist.  

Currently, the investigation found evidence of unauthorized activity within NLACRC computer systems on November 20, 2024, through December 1, 2024, and took a copy of some information before encrypting or encoding certain computer systems to render them inaccessible. The investigation determined that some personal information was copied from their systems. There is currently no evidence of identity theft or fraud in relation to this incident. 

Based on the current findings of the investigation, the following types of information for clients may have been impacted: first and last names, addresses, dates of birth, telephone numbers, social security numbers, email addresses, financial account information, payment card information, health plan numbers, health plan beneficiary numbers, health insurance information, full-face photos and/or comparable images, UCI and patient ID numbers (unique identifying number or code generated by us for you), medical information, lab results, medications, diagnosis and/or treatment information, treatment cost information, disability codes, and certificate/license numbers.  

These are general categories of information that NLACRC believe may be present within the affected systems and may have been accessed by the unauthorized actor during the incident. However, specific individuals and the extent of the information accessed are not yet known. While the investigation is ongoing, they are providing this notice to all individuals who may potentially be affected by this situation.  

Upon becoming aware of the Incident, NLACRC immediately took steps to further improve the security of their systems and practices. This included enhancing their monitoring processes for increased protection from cybersecurity threats, changing passwords and strengthening password practices. After determining that an unauthorized actor gained access to their systems, they immediately began analyzing available information to confirm the identities of potentially affected individuals and notify them.  

NLACRC added further technical safeguards to their existing protections and brought systems back online as quickly and securely as possible. They continue to work with leading privacy and security firms to aid in their response, and they have reported this incident to relevant government agencies.