HSC Notifies Patients of Cyber Attack at Outlying Clinic

The UNM Health Sciences Center (HSC) began notifying about 1,900 patients on Feb. 23 that a list containing some limited personal information about them was on two computers that were the subject of a serious cyber attack by two very sophisticated types of malware. We notified all people who may have been affected by this problem by letter.

On February 8, 2010, an information technology (IT) security association of which the HSC is a member advised us that the HSC had been subjected to the malware attack, although there is no indication HSC was specifically targeted. Because HSC’s IT security system is very robust, our system was not penetrated, and most importantly, neither were our electronic medical records; however, two stand alone computers in a small, off-site clinic did become infected with the malware. The file contained the names and other limited personal information of approximately 1,900 patients treated in that facility between 2007 and 2009. The file did not contain social security numbers or credit card information.

We conducted a detailed analysis of the cyber attack and although we cannot tell for sure whether this file was harvested for its data, we determined it would be appropriate for us to disclose this event to the patients whose names were in the file. Furthermore:

• Protecting the security and privacy of health information is important to us.

• We will continue to take steps to secure computers from these types of problems.

• All information on that computer has been removed. The computer is no longer used.

• The information has now been secured.

The HSC works every day to ensure the privacy and confidentiality of the patient health information it maintains on its IT systems.

HSC’s IT security team has robust security systems in place for all HSC systems to ensure that we ward off further cyber attacks such as this, and we continuously endeavor to find ways to assess, improve and enhance those security systems against the latest advanced cyber threats.

Related Stories

Espresso Cafe New Name & Logo Contest

Espresso Cafe New Name & Logo Contest

After 25 years, the Espresso Café in the University of New Mexico Hospital (UNMH) is ready for a new name and a new logo. Please submit your suggested name for the cafe and/or logo idea, along with your contact info, to maraustin@salud.unm.edu by April 5.
“The Providers” Documentary Screenings and National Broadcast Debut

“The Providers” Documentary Screenings and National Broadcast Debut

The award-winning documentary “The Providers,” featuring UNM School of Medicine alumni Leslie Hayes, MD, Matt Probst, PA-C, and College of Nursing alumnus Chris Ruge, RN, will screen on Saturday, March 30 at 10 a.m. and 1 p.m in the UNM Student Union Building (SUB). The national broadcast debut of “The Providers” documentary is set for Monday, April 8 on Independent Lens | PBS.