Computer virus infects 5,400 hospital patient records
Credential-stealing malware; Unauthorized use of system administrator privileges
A sophisticated worm collected and encrypted Valley View Hospital Association information into a hidden system file.
The hospital has been unable to confirm whether any data was improperly accessed by outsiders.
“The virus had captured screen shots of Internet web pages and stored these images in an encrypted, hidden folder on the Valley View Hospital system,” the hospital’s website states. “This folder could have been accessed by an outside entity.”
On Jan. 25, hired investigators reported the contents of the hidden folder, including individual names and in some cases addresses, date of birth, telephone numbers, social security numbers, credit card information, admission dates, discharge dates and patient visit numbers.
Officials said affected individuals will be notified by mail on March 17.
No medical information was included, they added.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
Healthcare and Public Health
March 14, 2014
Link to report
5,400 hospital patients
location of breach
Colorado, United States
location of perpetrators
date breach occurred
date breach detected
January 23, 2014