Goal of hackers at UW: storage?

It's as if burglars broke into your house just to use your closet.

Even though the giant computer system at the University of Washington Academic Medical Center in Seattle contains medical records for more than 2 million patients, hackers who breached its firewall apparently only wanted to store their own stuff, UW officials said Wednesday.

Officials Wednesday notified some 24,000 medical faculty and staff members that they must change their passwords as a result of the break-in, discovered in December.

The computer system includes the UW School of Medicine, UW Medical Center, Harborview Medical Center, UW Medicine Neighborhood Clinics, Seattle Cancer Care Alliance and UW Hall Health.

An investigation has found that the hackers began entering the system in 2004.

There's no evidence that any patient information was accessed, said Ira Kalet, security director for UW Medicine information-technology services. Access logs record every inspection of patient records, he said, and are extremely hard to hack into without it being detected.

"So far we've found nothing that indicates any unusual activity; no log entries we can't account for," he said. "We're really confident in the integrity of the logs."

Information:

UW Medicine computer-intrusion update: www.uwmedicine.org Click on "computer intrusion update"

Instead, the hackers appear to have been looking for places in the computer system to tuck away music files, or other kinds of illegally obtained computer files, Kalet said.

"Typically what they're looking for is large amounts of disk space, computers that are fast and powerful," Kalet said.

While the UW has not found the culprit, they have turned over clues to federal authorities, Kalet said. "They are working on the case."

Because there was no evidence that patient records were accessed, the UW didn't notify patients of the breach, Kalet said.

In addition, he said, there was no disruption of data needed for patient care, Kalet said, as there was last year at Northwest Hospital and Medical Center when a hacker blocked key-card access to operating rooms, shut down computers and silenced pagers.

It appears that universities are common targets for hackers, Kalet said. Recently, computer-system breaches occurred at Stanford University, Notre Dame and the University of Connecticut.

"There's a perception on the part of a lot of people that we're easy to break into," Kalet said.

That's not necessarily true, he said, despite the UW's mission to run an "open environment," communicating widely with other institutions.

Carol M. Ostrom: 206-464-2249 or costrom@seattletimes.com