90,000 patients’ info exposed in hospital malware attack

Personal information of some 90,000 patients of two Seattle hospitals has been compromised after an employee opened an email attachment that contained malware.

The incident happened in early October, and was spotted the day after. Unfortunately, the infected computer contained patients’ name, medical record number, address, phone number, dates of service, charge amounts for services received at UW Medicine, Social Security Number or Medicare number, and date of birth.

The hospitals – Harborview Medical Center and University of Washington Medical Center – are run by UW Medicine, which revealed the breach to the public last week, and has also started notifying affected patients.

“Based on the results of an internal investigation, it is believed that patient information was not sought or targeted,” they shared. “The incident was referred to the FBI, and patients may be contacted by the FBI as part of its investigation. UW Medicine has also implemented a review, training and outreach effort as a result of this incident.”

“The affected patients will receive direct mail correspondence from UW Medicine,” they added, and the potential victims have been offered free credit-monitoring services.

Patients’ medical records were not compromised.