Early last month, a UW Medicine employee opened an email attachment that contained malicious software. The malware took control of the computer, which happened to be storing personal information from approximately 90,000 UW Medicine and Harborview Medical Center patients, according to a UW Medicine news release.
The compromised patient data included names, phone numbers, addresses, medical record numbers and Social Security numbers, among other information.
UW Medicine is now reaching out to the affected patients and has also set up a call center to work with victims.
On Friday, Susan Phillips received a letter informing her of the data breach. She was a patient 10 years ago, but her last interaction with the hospital was in 2008.
"I opened it up and I read this and I just got furious," she said. "I don't have a word for it right now."
In the Wednesday news release, UW Medicine apologized for the breach and announced plans to implement a new "review, training and outreach effort."
"UW Medicine is committed to providing quality care and protecting patients' personal information, and sincerely apologizes for the inconvenience and concern this may be for affected patients," the statement reads.
While she's upset about the breach, Phillips said she's also angry about the way UW Medicine is handling it.
"Waiting until the day before Thanksgiving to do a bulk mailing?" she said.
UW officials referred the matter to the FBI, which is now investigating.