A US hospital has admitted suffering a mysterious malware attack that grabbed screenshots containing the personal data of 5,400 patients from hospital PCs before hiding them in an encrypted folder for probable transmission to criminals.
In a statement, the small Valley View Hospital in Glenwood Springs Colorado said that it had discovered the attack in January 2014, after which a third-party forensics firm identified the malware as a screen grabber that stored the data in an encrypted cache.
Each of the 5,400 patients whose details has been accessed was allotted a sub-folder, inside of which were grabs revealing different amounts of personal data including addresses, dates of birth, social security numbers, credit card data, patient numbers and discharge dates, the hospital said.
Comments