I don't want to go off on a Humans Are Bastards tangent just yet, or at all in fact because that's not how I roll, unless I know that these people actually knew what they were doing.
And like other people have said, if they could get in at all puts suspicion on the Hospital's security.
Sorry, I can't hear you from my FLYING METAL BOX!I... I find this hilarious and stupid on the hackers' parts.
Please kill me.
Half-Life: Dual Nature, a crossover story of reasonably sized proportions.Yeah. We are not talking about a defaced website or a hijacked World Of Warcraft account and blame some poor, in terms of IT security uneducated user for the crimes of others. We are talking about a medical facility, a server hosting patient medical data and social security numbers - two among the top five of the most sensible personal information on the planet - and people, either employees of the hospital or an external IT consulter paid to secure those.
So, you've got assholes who broke into a medical server to host fucking CoD and you've got incompetent jokers who handled patient confidentiality with gross negligence. Not much point to play the blame game here; to badly translate an idiom, put them all together in a sack and smack it with a stick, you'll always hit the right one.
The fact that those hackers used a medical server for playing Call of Duty is bad. I just don't understand how they got in. They have laws specifying certain levels of security on networks like that (HIPPA comes to mind).
Can I also add my support for that analogy?
EDIT AGAIN:
Basically, this isn't a guy getting his home invaded and being told that he was at fault for not having a gun at hand at all times and a titanium door, this is a bank that got robbed and didn't notice until a week later. A lot more problem with the second then the first. The people in charge of securing these things actually have a level of security ascribed by the law. It might've been a zero-day attack, in which case they're screwed, but you would think a server like that would be behind multiple layers of security.
And I've edited this once again to clarify what I mean.
edited 15th Jan '11 8:17:01 AM by TheInferno
"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - CharlatanThat's actually the truth though. Security is all about prevention, especially in computer security. You fail to have adequate security or forethought, you deserve to get hacked. Vulnerabilities and the tools to patch them up or secure them are not just to look shiny on an accounting report.
The only exceptions to this rule are day zero attacks.

Yeah, I'm inclined to apply Hanlon's Razor to this unless someone comes in with more information. The articles don't say much more than "Hospital server hacked to play video game".
This "faculty lot" you speak of sounds like a place of great power...