On May 12, Boston-based Health Dialog Services Corporation notified (pdf) the New Hampshire Attorney General’s Office that they had detected a virus on their network that compromised company data, including data stored in the Internet Explorer browser cache on employee computers. The virus was detected on May 5.
The company subsequently determined that the compromised data included personally identifying information that the employees typed while using IE on their computers such as social security numbers, names, addresses, credit card numbers and expiration dates, user names and passwords.
HDSC provided initial email notification to the employees with an offer of free services on May 6; with formal letters sent out on May 14. They report that 390 New Hampshire residents were being notified, but do not indicate how many employees from other states were also affected.