San Antonio-based Institute for Women's Health notified patients of a web security incident after discovering a keylogger virus on its computer network July 6.
Upon discovering the keylogger virus, Institute for Women's Health officials worked to remove it from network computers and terminal servers. Officials said the virus was completed removed by July 13. A subsequent investigation confirmed the virus was installed June 5.
The keylogger virus may have captured information from patients who paid for services with a credit or debit card from June 5 to July 11. Affected information might have included names, addresses, dates of birth and Social Security numbers, among other information typed into the system.
Officials reported 15,761 individuals were affected in the incident, according to an Aug. 18 submission to HHS' Office for Civil Rights breach portal.
Institute for Women's Health officials have offered affected patients identity theft protection services such as one year of credit monitoring, a $1,000,000 insurance reimbursement policy and identity theft recovery services.
Editor's note: Becker's Hospital Review reached out to Institute for Women's Health for comment and will update as more information becomes available.