UNM Health Sciences Center notified about 1,900 patients that their personal information was compromised by hackers.
The hackers had access to a list containing some personal information. According to an HSC press release, two computers at an off-site UNM clinic were affected by sophisticated versions of malware.
However, HSC’s IT security system wasn’t penetrated and neither were electronic medial records, according to a statement from HSC.
Attacks like this are on the rise, said Sam Giammo, director of HSC’s public affairs.
“If you have followed the national news recently, you know that we are not alone,” he said.
The file contained names and other personal information for patients who were treated at the facility between 2007 and 2009. The file didn’t contain social security numbers or credit card information, according to the press release.
Giammo said he couldn’t recall any other malware attacks similar to this one at the HSC.
A letter was sent out Feb. 24 notifying the patients affected by this hacker attack.
“We determined it would be appropriate for us to disclose this event to patients whose names were in the file,” the press release said.
Patient information on the computers has been removed and the two affected computers are no longer in use.
“The information has now been secured,” the press release said.
An IT security association, of which HSC is a member, advised HSC of the malware attack Feb. 8, even though it wasn’t known if HSC was the intended target.
There are more than 10 UNM off-site clinics.
HSC representatives said a detailed analysis of the cyber attack was completed, but couldn’t find if the file was harvested for its data.
“We will continue to take steps to secure computers from these types of problems,” the press release said. “The HSC works every day to ensure the privacy and confidentiality of the patient health information it maintains on its IT systems.”
Get content from The Daily Lobo delivered to your inbox
