Hospital notifies patients of malware attack on digital imaging server

A Portales, New Mexico-based hospital is alerting patients of a security breach it traced to a PACS server used in the institution’s radiology department.

Roosevelt General Hospital said it discovered malware on a digital imaging server used to store patient information such as names, addresses, Social Security numbers and medical information, among other data. The hospital said in a Dec. 23 post to its Facebook page that 500 medical records were involved, but it hasn’t yet confirmed any patient information has been misused.

“Although we are continuing our investigation, there is no evidence at this time that any patient data has been wrongfully used,” Kaye Green, CEO of Roosevelt General, said in the post.

After the intrusion was detected, the hospital’s IT department quickly secured the sever and recovered patient information, according to the post. Roosevelt has since alerted all patients potentially affected by the breach. It also notified the Department of Health and Human Services within the proper 60-day reporting time frame for such events.