The breach has become public knowledge only now, because the institution started mailing the people whose records were affected only a couple days ago and because it has been reported to the federal Department of Health and Human Services and New Hampshire's attorney general.
The records on the breached server contained names, addresses, Social Security numbers, medical diagnosis codes and more, but did not contain any credit card information.
Although there is no evidence for now that the hackers misused in any way that information, Seacoast Radiology is urging people to place fraud alerts and order and review carefully their credit reports.
The breach was first detected on November 12 by an administrator who noticed a loss in bandwidth. According to The Register, an investigation was immediately mounted by an outside security firm, the flaw used to breach the server was identified and patched.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.