Two computers of the Alaska Department of Health and Social Services were hit by malware attacks, which potentially breached the records of some of its patients.

A Trojan horse virus was found on the two computers on July 5 and July 8. Trojan malware is masked as legitimate software and are used by hackers as leverage into a network. 

Cybercriminals use social engineering to dupe users into loading and executing the malware.

[Join Your Peers at HIMSS’ Healthcare Security Forum! Register Today]

Officials are still investigating to confirm whether hackers accessed the confidential data, as its preliminary investigation revealed data originating from the Western region of the state was potentially accessed.

The drives contained Office of Children’s Services information, including family case files, personal details, diagnoses, medical observations and related data.

“Upon discovery of these events, the department took immediate action to mitigate further access to the infected computers,” officials said. “The DHSS Information Technology and Security team continues to work quickly to determine the scope of data potentially accessed.”

The provider will continue to provide details to impacted patients as it becomes available. Officials are asking patients with prior contact with the OCS to call the office to determine if their data was included in the breach.

The U.S. Department of Health and Humans Services’ Office of Civil Rights breach reporting tool does not yet contain the number of impacted patients.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com