SEATTLE — Officials at UW Medicine in Seattle are notifying about 90,000 patients that an October security breach compromised their personal information.
The Seattle Times reported that Social Security numbers may have been taken in about 15,000 of those cases.
UW Medicine spokeswoman Tina Mankowski said the problem started when a UW Medicine employee opened an email attachment that contained malicious software on Oct. 2.
Mankowski said UW Medicine discovered the attack the next day and shut it down.
The spokeswoman said it has taken more than a month to analyze which patients are at greatest risk of identity theft. The UW is offering those patients a free credit-monitoring service for a period of time.
In cases in which only a name, medical-record number, service dates and charge amounts were stolen, the patient is being notified but is considered at “very low” risk of identity theft.
The FBI is also investigating.
UW Medicine includes the UW Medical Center and Harborview Medical Center.