Keystroke logger detected on hospital's computers

May have been in place undetected for nearly four years
By Mike Miliard
11:30 AM
Typing on laptop

A hospital in Kentucky is notifying patients of a security incident, after it was discovered that some of its computers had been infected with a keystroke logger designed to capture and transmit data as it was typed.

This past Friday, OH Muhlenberg, LLC announced that Greenville, Ky.-based Muhlenberg Community Hospital had detected the malware on some of its machines.

The keystroke logger may have been in place since January 2012.

Learn on-demand, earn credit, find products and solutions. Get Started >>

Affected computers were used to enter patient financial data and health information, potentially including names, addresses, telephone numbers, birth dates, Social Security numbers, driver's license/state identification numbers, medical and health plan information, financial account numbers, payment card information and employment-related information. Additionally, some credentialing-related information for providers may also be impacted, officials said.

Noting that they have "no indication that the data has been used inappropriately," Muhlenberg officials did say that they believe the malware could have captured username and password information for accounts or websites that were accessed by employees, contractors or providers using the affected terminals.

[Learn more: Meet the speakers at the HIMSS and Healthcare IT News Privacy and Security Forum.]

In mid-September, the FBI notified Muhlenberg of "suspicious network activity involving third parties," officials said. Upon learning this, the hospital "took immediate action," launching its own internal investigation and hiring a digital forensics and security firm.

"The hospital understands the importance of protecting the privacy and security of its providers', patients' and employees' information," officials said, noting that the hospital worked quickly to contain the damage, "including immediately blocking the external unauthorized IP addresses, taking steps to disable the malware and continuing to enhance the security of its systems moving forward.

Muhlenberg "regrets any inconvenience or concern this incident may cause," officials said, adding that affected patients would receive one year of complimentary identity protection services.

More regional news

A person looks into a vaccine refrigerator

(Photo by Ivan Romano/Getty Images)

SUNY Upstate Medical University Cancer Center

SUNY Upstate Medical University Cancer Center

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.