Lane Community College notifies health clinic patients of potential breach
Dylan Darling reports:
A virus-infected computer at the Lane Community College health clinic may have relayed patient information — names, addresses, Social Security numbers and more — to an unknown third party for more than a year, the college said Friday.
LCC said it has sent letters warning 2,500 patients whose information may have been stolen. The “Backdoor:Win32/Vawtrak” virus infected the computer from March 2016 until Feb. 3 this year, when a technician performing routine maintenance on the machine found the virus, Brian Kelly, LCC vice president of college services, said Friday.
“We have no evidence that any of the information was transmitted (from LCC), but there’s the possibility,” he said.
Read more on The Register-Guard.
DataBreaches.net emailed the college to ask if the clinic was covered by HIPAA or FERPA, and whether the incident was being reported to HHS, but received no immediate response.