Cyber Incident Victim: Valley View Hospital

In January 2014, Valley View Hospital in Colorado identified a computer virus on hospital systems that compromised sensitive personal information of approximately 5,400 patients. The virus, discovered on January 23, captured screenshots containing patient data and stored them within an encrypted and hidden folder on the hospital’s network. Exposed information included names, addresses, dates of birth, phone numbers, Social Security numbers, payment card details, admission and discharge dates, and patient visit numbers. Forensic analysis confirmed the virus’s operation by January 25 but could not verify whether unauthorized external parties accessed or transmitted the stored data. The hospital acknowledged the possibility of external access to the encrypted folder, heightening concerns about potential misuse of the highly sensitive financial and identification records.

Upon detecting the virus, Valley View Hospital immediately shut down all incoming and outgoing network traffic to contain the threat and initiated measures to eliminate the malware. The hospital engaged a forensic team to analyze the virus’s behavior and impact, leading to subsequent upgrades in its information security program and expanded IT security procedures. All affected individuals received direct notifications about the breach, with the hospital publicly disclosing the incident in March 2014 through its website. CEO Gary Brewer emphasized the hospital’s rapid and comprehensive response, including ongoing monitoring and support for potentially impacted patients. The institution maintained transparency about its inability to confirm data exfiltration while reinforcing its commitment to security enhancements following the incident.