UW Medicine has started notifying about 90,000 of its patients that medical information was stolen during a malware attack last month, including 15,000 cases in which Social Security numbers may have been taken.
The attack happened when a UW Medicine employee opened an email attachment that contained malicious software, or malware, on Oct. 2.
UW Medicine — which includes UW Medical Center and Harborview Medical Center — discovered the attack the following day and shut it down, said UW Medicine spokeswoman Tina Mankowski.
It has taken more than a month to analyze the activity and figure out which patients are most at risk of identity theft, she said. The UW believes that the people behind the malware were not seeking or targeting medical information.
- Seahawks 39, Steelers 30: What the national media are saying about Russell Wilson and Seattle's turnaround
- On his birthday, Russell Wilson gives Seattle Seahawks perhaps his greatest game to beat Pittsburgh Steelers
- Girlfriend finds nothing funny about couple’s sense of humor
- Lake Stevens quarterback Jacob Eason gets visit from WSU’s Mike Leach; commitment to Georgia ‘in holding pattern’
- Could losing Jimmy Graham somehow help galvanize the Seattle Seahawks for a playoff run?
Most Read Stories
Because Social Security numbers and other identifying information may have been stolen, the UW is offering a free credit-monitoring service for a period of time for those patients who might be at greatest risk of identity theft.
In other cases, only the patient’s name, medical-record number, service dates and charge amounts were stolen. Those patients also received a letter about the attack, but were told that “the potential risk of identity theft is very low.”
Mankowski said it’s UW policy that if more than 500 accounts are compromised in an identity-theft attempt, the UW reports the incident to the media.
The incident is also being investigated by the FBI.
Katherine Long: 206-464-2219 or email@example.com. On Twitter @katherinelong.