UCSF Update on IT Security Incident

On June 1, UCSF IT staff identified and stopped an unauthorized access of a limited part of the School of Medicine’s IT environment while the intrusion was occurring. Out of an abundance of caution, we immediately isolated a wider range of the School’s servers than what the intrusion targeted and engaged a leading cybersecurity firm to assist in our response.
 
Importantly, we determined that our overall UCSF network was not affected, and there is no impact to patient care delivery operations.
 
We quickly launched an investigation to determine what information, if any, may have been impacted, and are cooperating with the FBI. Our assessment has determined that the vast majority of the School’s IT environment has not been impacted. We are making good progress and are optimistic that we will start bringing our isolated systems back online in about two weeks. As we complete our recovery work, some of the School’s systems may remain unavailable.
 
In order to preserve the integrity of the investigation, we are limited in what we can share at this time and appreciate everyone’s patience as we resolve this situation.