St. Mark’s Medical Center in LaGrange, Texas notified 2,988 patients of a breach. From their notice of December 31, 2012:
On November 15, 2012, we learned that on May 21, 2012, one of our employee’s computers had become infected with malware that appears to have been designed to look for personal information stored on the computer. We immediately began an investigation and engaged a computer forensic investigation firm to examine the computer. Although the firm could not rule out the possibility, they did not find any evidence to confirm that any unauthorized person removed the personal information stored on the computer. If an unauthorized person did gain access to files stored on the computer, they would have been able to view billing files that contained patient names, account numbers, medical record numbers, dates of birth, gender, Social Security numbers, treatment dates, insurance provider names, and account balances. No medical records were accessed in the incident.
[…]