UCLA Health today announced it was a victim of a criminal cyber attack. The health system estimates that data on as many as 4.5 million individuals may have been involved in the attack, but said it currently has no evidence that any personal or medical information was actually accessed or acquired. The health system is working with investigators from the Federal Bureau of Investigation, and has hired private computer forensic experts to further secure information on network servers. “We take this attack on our systems extremely seriously,” said James Atkinson, M.D., interim associate vice chancellor and president of the UCLA Hospital System. “Our patients come first at UCLA Health and confidentiality is a critical part of our commitment to care.” The health system is sending letters to affected individuals with details on how to access identity theft and restoration services, and has established a website for patients that may have been impacted. Hospitals are encouraged to review cybersecurity resources on AHA’s website at www.aha.org/advocacy-issues/cybersecurity.shtml.