[ISN] Hospital patient data revealed

From: InfoSec News <alerts_at_private>
Date: Mon, 20 Oct 2008 02:14:51 -0500 (CDT)

http://www.fredericksburg.com/News/FLS/2008/102008/10192008/418223

BY JIM HALL
The Free Lance-Star
10/19/2008

A security breach in an online computer system at Mary Washington 
Hospital exposed the private medical information of some of its 
maternity patients.

A man who tried to use the Fredericksburg hospital's online registration 
system for his expectant wife said the files for 803 patients were 
publicly available on the site.

On Friday, a hospital official described the breach as an "anomaly."

She said the man was the only person to see the files, that he opened 
only two of them and that he did not print or download any data.

"We believe that this is a one-time incident," said Kathleen Allenbaugh, 
hospital spokeswoman.

Hospital officials first learned of the breach when a Spotsylvania 
County sheriff's deputy notified them that the online registration 
feature at the MediCorp.org Web site was not working correctly.

Rebecca and Gary Dennison, a Spotsylvania couple, had contacted police 
after learning that their private medical information was visible on the 
site.

Rebecca Dennison is expecting the couple's first child in November, and 
had preregistered online for her delivery.

Dennison said last week that a stranger who gave his name as "Mike" 
called her house the night of Saturday, Oct. 11, to tell her that he was 
looking at private information about her and her husband on the MediCorp 
site.

The man knew the couple's Social Security numbers, phone numbers, 
address, insurance carrier, her birth date and her doctor's name.

She was concerned, she said, because her husband was in Delaware on 
business at the time.

"I was in shock," she said. "I didn't know what to do. It was 11 o'clock 
at night."

Dennison called her husband, who contacted the Sheriff's Office after 
talking with Mike. A Spotsylvania deputy called Mike and then called the 
hospital.

Reached by phone last week, Mike said he was reluctant to talk about the 
incident, and agreed to do so only if his last name was not used.

[...]


Received on Mon Oct 20 2008 - 00:14:51 PDT