Cyber Incident Victim: University of California, Los Angeles

On May 18, 2017, a cyberattack targeted a server managed by UCLA’s Summer Sessions and International Education Office, potentially compromising the personal information of approximately 32,000 students. The breach was publicly disclosed by UCLA on August 4, 2017, following an internal investigation. The compromised server stored sensitive student data, including names, addresses, Social Security numbers, dates of birth, and medical information submitted to the university prior to April 13, 2016. UCLA’s Information Security Office confirmed the intrusion in a bulletin but noted no conclusive evidence that attackers successfully exfiltrated or accessed the stored information. University spokesperson Tod Tamberg emphasized that while unauthorized access to the server occurred, investigators could not definitively rule out the possibility of data exposure. The incident exclusively impacted individuals who had shared personal details with the affected administrative unit within the specified timeframe, with no broader university systems compromised.

UCLA initiated multiple response measures following the discovery of the breach. The university implemented immediate technical modifications to the compromised server to fortify its defenses against future cyberattacks. Over several weeks following the August 4 disclosure, UCLA planned to directly notify all potentially affected students about the incident via formal communications. As a remedial action, the university offered impacted individuals one year of complimentary identity protection services at no cost. These services aimed to mitigate potential risks stemming from the exposure of sensitive personal identifiers, though officials reiterated there was no direct evidence of data misuse. The response focused on containment, stakeholder notification, and risk mitigation without public speculation regarding the attackers’ identity or motives.