Frequently Asked Questions
What happened?
On January 24, 2024, our IT team identified and stopped an illegal intrusion into the Life Sciences Division IT environment. We believe our actions isolated the unauthorized access to the targeted area, which is 1.19% of the campus community. We have engaged a leading cybersecurity firm to assist in our response and notified the FBI. With their assistance, we are conducting a thorough assessment of the incident, including determining the extent of the impact to servers and data. In order to preserve the integrity of the investigation, we will need to limit what we can share at this time.
Was any personal information accessed or taken?
It is currently unknown whether any personal information was accessed or taken. UCLA continues to investigate with the assistance of leading cybersecurity experts to understand potential data impacts.
Who will be notified and when?
UCLA is conducting a detailed and thorough analysis of potentially impacted files to determine what information was accessed and to whom that information belonged. UCLA will provide notice to those individuals whose data is impacted as soon as possible after completing its investigation.
Was this a cyber attack?
Yes. We believe the illegal intrusion was the result of a cyber attack.
Who is the person responsible/who accessed my information?
We believe the attack was carried out by an organized cyber criminal group. To preserve the integrity of the investigation, this is all we can share at this time.
What is UCLA doing to respond to this incident?
After being notified of the incident, UCLA immediately activated its incident response procedures, isolated the compromised environment from the rest of campus, and enhanced monitoring of the system to manage further risk. Additionally, UCLA is working diligently to recover systems and understand the data impacts related to this incident. As part of its ongoing security operations, UCLA regularly reviews its security and privacy policies and procedures and implements changes to its information security and privacy practices. implementing stronger security measures, and educating staff about cybersecurity best practices. We are also actively collaborating with cybersecurity experts to enhance our system's security and prevent future attacks.
Have you notified law enforcement?
Yes, the university notified the FBI.
Was my Social Security number affected?
It is currently unknown whether any personal information was accessed or taken. UCLA continues to investigate with the assistance of leading cybersecurity experts to understand potential data impacts.
How did this happen?
A thorough investigation is currently underway to fully understand all details related to this incident. In order to preserve the integrity of the investigation, we are limited in what we can share at this time.
When did it happen?
On January 24, 2024, UCLA IT Staff identified and stopped an unauthorized access of a limited part of the IT environment while the intrusion was occurring.
Were other systems impacted?
There is no evidence of this incident having an impact on any other campus systems beyond the identified and contained scope.
What does UCLA do to address cyber attacks and protect my information?
UCLA is deeply committed to safeguarding your data. We use a robust array of tools designed to actively detect and address cyber threats. The university also recently launched the Digital Campus Roadmap, a significant initiative to support transforming digital scholarship and research. Learn more about this initiative including our Enterprise Information Security projects.