The Register reports that unknown hackers took control of a medical server storing sensitive patient information and created a dedicated multiplayer server for the just-released Call of Duty: Black Ops.
Although the breach was originally discovered on November 12, 2010, New Hampshire-based Seacoast Radiology told patients on Tuesday that the hacked server stored their names, social security numbers, medical diagnosis codes, addresses and other details. Currently there's no evidence of any misuse of the private information; however, patients were warned to keep an eye out for any foul play.
After discovering the breach, the medical group called in ID Experts to investigate. According to Lisa MacKenzie, a spokesperson for the firm, the hackers were located in Scandinavia however she did not provide details on how the firm came to that conclusion. Other details of the breach, including the weakness in security that allowed the hackers to take over, were also kept under wraps.
The November breach was discovered after an administrator noticed a huge drop in bandwidth. After the investigation, ID Experts reported the incident to the federal Department of Health and Human Services as well as the New Hampshire attorney general.
It's unclear how long the hackers had the Black Ops server up and running before the breach was discovered, however the security flaw was eventually tracked down and fixed.