Hacker at UW Medicine revealed

February 16, 2006

Dan Richman

http://seattlepi.nwsource.com/local/259725_computer16.html



An off-site intruder broke into the computer system at UW Medicine in June 2004, gaining the chance to view and copy patient and business records for 18 months until the break-in was discovered in December, the organization said Wednesday.

But none of the system's 2 million-plus patient records appear to have been accessed, and patient care wasn't affected, said Dr. James Fine, chief information officer.

News of the break-in, which Fine called "serious," was released only Wednesday morning, even to University of Washington employees.

The breach was kept confidential so computer-system staffers could close the security hole through which the intruder entered, stabilize the system and change all 24,000 passwords used on the system.

The goal of the hacker, or hackers, apparently was only to use the system for its computing power and data storage, Fine said.

The hacked system serves users at Harborview Medical Center, University of Washington Medical Center, University of Washington School of Medicine, UW Medicine Neighborhood Clinics and UW Physicians.

It contains hundreds of servers, some housing medical and business records. Computers used in diagnosis and treatment are also linked to the system, said Ira Kalet, director of security.

The breach occurred because someone failed to install security patches -- small programs designed to remedy newly discovered vulnerabilities. Once the hacker was inside the system, passwords were accessible, allowing access to more than 200 computers.

The system uses a variety of operating systems, including Microsoft's Windows.

To prevent recurrences, the university said it is encrypting all passwords and moving them to a server separate from all other systems.

The 200 breached computers were removed from the network and their hard drives wiped clean. A commercial intrusion-alert system was installed in late 2004.

Federal law enforcement was notified of the break-in and is working on the case, the university said. It defends itself against nearly a half-million attacks per week, Fine said.

The university's computer system has been targeted before. In 2000, a hacker in Denmark obtained health records for some patients, and though the FBI was called in, the hacker wasn't identified.

LEARN MORE

For a more detailed Q-and-A from UW Medicine, visit: http://goto.seattlepi.com/r88


main page ATTRITION feedback