Unknown hackers broke into the servers for New Hampshire-based Seacoast Radiology, potentially accessing sensitive patient information for more than 230,000 people, the medical company now admits. The hackers’ rationale was simple – they wanted to play Call of Duty: Black Ops and couldn’t find a server.
The gamers logged into the computer that also stored patient names, social security numbers, addresses and medical diagnosis codes, as well as credit card information. Seacoast has now urged their patients to carefully monitor their credit reports for any signs of identity theft, but so far nothing suggests the information has been misused. It looks like the gamers simply wanted the server for its internet access, and nothing more.
Seacoast didn’t even realise anything was happening until an admin noticed a loss of bandwidth on November 12th – the company doesn’t know how long the hackers were using the server (Call of Duty: Black Ops was launched November 9th). It’s believed that the gamers came from somewhere in Scandinavia, but the security company brought in to deal with the breach acknowledge that any IP information may be faked, so it’s difficult to tell for sure.
The security flaw that left the business open to hackers has since been discovered and fixed, and the incident has been reported to both the New Hampshire attorney general and the US federal Department of Health and Human Services. It is not known where the gamers are hanging out these days.