[ISN] Fallon Community Health Plan reports data breach affecting 30, 000 members

From: InfoSec News (alerts@private)
Date: Thu Jan 24 2008 - 22:26:58 PST


http://www.telegram.com/article/20080124/ALERT01/769284629

By Bob Kievra 
Telegram & Gazette Staff
January 24, 2008

WORCESTER -- Fallon Community Health Plan said this afternoon the names, 
dates of birth and Medicare identification numbers of approximately 
30,000 Senior Plan members was on a laptop computer stolen earlier this 
month from a Boston-based vendor of the HMO.

The health plan said it will offer free credit monitoring services for 
12 months to those affected by the data breach. Fallon health plan 
officials said the data was not password protected or encrypted, in 
violation of the company's policies.

"I deeply regret that this incident occurred,'' said President and Chief 
Executive Officer Eric H. Schultz. "I sincerely apologize for the 
inconvenience and trouble this theft may cause our members.''

Mr. Schultz said the laptop containing Fallon's information was one of 
three computers stolen from a Boston office on either Dec. 31 or Jan. 1. 
The vendor discovered the theft Jan. 2 and originally said the material 
had been encrypted. But the health plan, with the assistance of a 
forensic technologist, came to the conclusion Jan. 14 that the 
information was not protected.

The data does not include any financial information such as bank account 
or credit card numbers or any home addresses. But it does include 
Medicare identification numbers, which usually consists of the person's 
or his or her spouse's Social Security number.

The vendor was using the data to ensure that Medicare claims were being 
appropriately processed, Mr. Schultz said.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Thu Jan 24 2008 - 22:33:53 PST