Virus Attack Compromises Information of Air Life Members
Following a hack at CHC, a forensic investigation revealed that a computer virus attack might have compromised personal information of about 10,400 Air Life members.
Cascade Healthcare Community announced on March 6, 2008 that around 10,400 members of Air Life of Oregon, provider of air-ambulance services, possibly helped in leaking their personal information due to computer virus.
According to news published in The Oregonian on March 6, 2008, the virus had crept into the computer on December 11, 2007 while the IT staff of the hospital thought they rebuffed it. But, on February 5, 2008, they felt that the system was behaving suspiciously and so called in the computer forensic professionals to investigate.
All people who might have felt an impact as a result of the breach would be directly notified with all information by the second week of March 2008, as reported by KTVZ on March 5, 2008.
James A. Diegel, President and CEO of CHC, explained that when such a high magnitude computer virus strikes a complex system like that of CHC, it requires a great deal of time to figure out what amount of data might have been captured, as reported by KTVZ on March 5, 2008.
Aside the compromise of community members' information, CHC found that all its employees' usernames and passwords were also exposed for a brief while. All passwords for caregivers were changed in the afternoon of February 21, 2008 and so far there is little evidence that health information of individual patients were unlawfully accessed, as reported by KTVZ on March 5, 2008.
CHC disclosed the presence of the virus on March 5, 2008 following a thorough forensic investigation by experts who revealed that the attack might have compromised information.
Diegel added that it is vital to further raise the security level within CHC. He said that work on security at all levels is ongoing, ranging from drawing the importance of password protection for caregivers to upgrading the organization's virus protections.
A copy of the credit report of affected individuals would be provided free of cost irrespective of whether or not they think an unauthorized transaction occurred with respect to their account. For that people could contact any of the consumer reporting bodies in the country, as reported by KTVZ.
Related article: Virus Infects Through USB Drives
» SPAMfighter News - 15-03-2008