The California Office of the Attorney General disclosed a data breach affecting the UCLA Summer Sessions & International Education Office, originating from a cyberattack on May 18, 2017, and reported on July 31, 2017. The incident exposed sensitive personal information, including names, addresses, Social Security numbers, and health insurance subscriber IDs of individuals associated with the office. While the breach created a risk of unauthorized access, investigators found no evidence that the compromised data was actually stolen or misused.The attack targeted systems containing personally identifiable information (PII), raising concerns about potential identity theft, financial fraud, or phishing scams targeting affected individuals. As an educational institution handling student and faculty data, the breach underscored vulnerabilities in safeguarding confidential records. UCLA took steps to notify impacted parties and offered credit monitoring services as a precautionary measure. The incident highlighted the growing threat of cyberattacks on academic institutions, which often store vast amounts of sensitive data but may lack robust cybersecurity defenses compared to corporate or government entities.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-100724
TPRM report: https://www.rankiteo.com/company/summer-discovery
"id": "sum133082125",
"linkid": "summer-discovery",
"type": "Cyber Attack",
"date": "5/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Education',
'location': 'Los Angeles, California, USA',
'name': 'UCLA Summer Sessions & International '
'Education Office',
'type': 'Educational Institution'}],
'data_breach': {'data_exfiltration': 'No evidence of actual access or '
'exfiltration',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes SSNs and health '
'insurance IDs)',
'type_of_data_compromised': ['personal information',
'protected health information '
'(PHI)']},
'date_detected': '2017-05-18',
'date_publicly_disclosed': '2017-07-31',
'description': 'The California Office of the Attorney General reported a data '
'breach involving UCLA Summer Sessions & International '
'Education Office on July 31, 2017. The breach resulted from a '
'cyberattack on May 18, 2017, which may have put personal '
'information at risk, including names, addresses, social '
'security numbers, and health insurance subscriber IDs, '
'although there is no evidence that this information was '
'actually accessed.',
'impact': {'data_compromised': ['names',
'addresses',
'social security numbers',
'health insurance subscriber IDs'],
'identity_theft_risk': 'Potential (no evidence of actual access)'},
'investigation_status': 'No evidence of data access found; investigation '
'likely concluded',
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to California '
'Office of the Attorney '
'General'},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'UCLA Summer Sessions & International Education Office Data Breach',
'type': 'Data Breach'}