DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Settlement in 2015 UCLA Health Data Breach Class Action

Posted on March 21, 2019 by Dissent

Top Class Actions reports:

A $7.5 million class action settlement has been reached, resolving claims that a July 2015 data breach exposed personal information stored by the UCLA Health Network.

The UCLA Health class action settlement provides $2 million to pay for unreimbursed loss claims and preventative measure claims. In addition, UCLA Heath has agreed to set up a cybersecurity enhancement fund of $5.5 million.

Read more and find the claim submission form for eligible class members on Top Class Actions.

UCLA Health Network’s original release about the incident can be read here.  OCR closed its investigation of the incident with the following note/summary:

A hacker accessed parts of the covered entity’s (CE) computer network that contained the clinical and demographic information of approximately 4,500,000 individuals. The CE reported the incident to the Federal Bureau of Investigation and conducted a forensic analysis of the incident. The CE provided breach notification to HHS, affected individuals, and the media, and also posted substitute notice. Following the breach, the CE implemented technical and administrative safeguards designed to help detect and contain any future cyber-attacks. OCR obtained assurances that the CE implemented the corrective actions above.

So that was it as far as HHS was concerned, but of course, that doesn’t stop anyone from suing an entity over a breach. The consolidated case is:
Adlouni v. UCLA Health System Auxiliary, et al., Case No. BC589243, in the Superior Court of the State of California, County of Los Angeles.

The final court hearing is scheduled for June 18, 2019.

I’m curious as to what the additional $5.5 million security enhancements are to be — and are these over and above what UCLA Health Network had already agreed to implement as part of HHS’s investigation? Maybe someone can do a deeper dive into the security upgrade issue in this case.

Related posts:

  • Meanwhile, over at Uber Leaks…
  • UCLA Health discloses network breach potentially affecting 4.5 million patients
  • Small-Scale Violations of Medical Privacy Often Cause the Most Harm
  • UCLA Health System notifies 16,288 of stolen hard drive
Category: Commentaries and AnalysesHackHealth DataOf NoteU.S.

Post navigation

← Ca: Shredding company denies responsibility for incident involving Grand Villa Casino cards
The Lawyer’s Duty When Client Confidential Information is Hacked From the Law Firm →

1 thought on “Settlement in 2015 UCLA Health Data Breach Class Action”

  1. Linda Desousa says:
    March 30, 2019 at 5:31 am

    I was at this hospital in 2014 west La. CA
    what do I need to do

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.