A health-care organization that was in the process of encrypting its data let one computer get away – and put the personal data of 3.3 million patients at risk.

Sutter Medical Foundation of Sacramento, Calif., said a desktop computer was stolen from its offices on the weekend of Oct. 15, according to an article InformationWeek ran Friday. Sutter discovered the theft on Oct. 17, a Monday. The computer held the names, addresses, birth dates and other personal details of people who were patients between 1995 and Jan. 2011.

The computer that was stolen was not yet encrypted as part of Sutter's encryption push, the article said. The machine was protected by a password.