Over 5,000 patients participating in research studies with Kaiser Permanente may have had their personal information compromised. A research computer used to store names, birth dates, medical record numbers and lab results was found to be infected with malicious software. It was reported that the computer was infected for more than two and a half years before being discovered.
Antivirus software was not properly updated on the server due to human error.
Kaiser Permanent sent breach notification letters to the impacted individuals.