The breach has become public knowledge only now, because the institution started mailing the people whose records were affected only a couple days ago and because it has been reported to the federal Department of Health and Human Services and New Hampshire's attorney general.
The records on the breached server contained names, addresses, Social Security numbers, medical diagnosis codes and more, but did not contain any credit card information.
Although there is no evidence for now that the hackers misused in any way that information, Seacoast Radiology is urging people to place fraud alerts and order and review carefully their credit reports.
The breach was first detected on November 12 by an administrator who noticed a loss in bandwidth. According to The Register, an investigation was immediately mounted by an outside security firm, the flaw used to breach the server was identified and patched.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.