22 Jul 2011

Security snafu puts Boston patients at risk

More than 2,000 patients of Beth Israel Deaconess Medical Center in Boston may have had confidential personal information compromised in a computer security breach.

The hospital says antivirus settings were not enabled after one of its computers was serviced by a third-party vendor, resulting in an infection that sent data from 2,021 patient files to an outside computer. Medical record numbers, names, birthdates and descriptions of radiology procedures the patients had received were leaked.

Chief Information Officer John Hamalka said the hospital was relieved no Social Security or credit card numbers were compromised and apologized to the potential victims of the hack, who have been notified.

Patients who might have been affected can contact Beth Israel at a toll-free number, and the hospital is also offering them one year of free identity protection services, according to Fox 25, the local Fox affiliate.

A recent Daily Beast report categorized data according to its value to cyber criminals. Medical records, which a computer security expert said is mainly valuable as a means to blackmail victims, was assigned a relatively low score of 1. Credit card numbers, given a score of 5, were ranked the most valuable data.